vermelho.org.br Open in urlscan Pro
2606:4700:3037::ac43:9ae6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vermelho.org.br/
Effective URL:
https://vermelho.org.br/
Submission Tags: tranco_l324
Submission: On November 20 via api (November 20th 2021, 2:35:49 am UTC) from DE — Scanned from DE

Summary HTTP 315 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 30 domains to perform 315 HTTP transactions. The main IP is 2606:4700:3037::ac43:9ae6, located in United States and belongs to CLOUDFLARENET, US. The main domain is vermelho.org.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time vermelho.org.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	2606:4700:303... 2606:4700:3037::ac43:9ae6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
8	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
36	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 28	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
20	2600:9000:215... 2600:9000:2156:7e00:1e:f77c:1000:21	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:215... 2600:9000:2156:5c00:7:c135:4380:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3 8	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
10	2600:9000:215... 2600:9000:2156:8200:11:d2b:9e40:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2016	15169 (GOOGLE) (GOOGLE)
46	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4026:805::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:17::a	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 1	34.199.60.215 34.199.60.215	14618 (AMAZON-AES) (AMAZON-AES)
11	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 2	3.124.136.236 3.124.136.236	16509 (AMAZON-02) (AMAZON-02)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f14:d24... 2600:1f14:d24:9300:b360:915c:21c:8f3f	16509 (AMAZON-02) (AMAZON-02)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
315	35

29 2606:4700:3037::ac43:9ae6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vermelho.org.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

anchor.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:2156:7e00:1e:f77c:1000:21 (United States)

ASN16509 (AMAZON-02, US)

d1rx8vrt2hn1hc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:5c00:7:c135:4380:21 (United States)

ASN16509 (AMAZON-02, US)

d3t3ozftmdmh3i.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2156:8200:11:d2b:9e40:21 (United States)

ASN16509 (AMAZON-02, US)

d12xoj7p9moygp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4026:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:17::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr5---sn-4g5ednde.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.60.215 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-60-215.compute-1.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.136.236 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-136-236.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:d24:9300:b360:915c:21c:8f3f (Boardman, United States)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	889 KB
39	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	276 KB
36	cloudfront.net d1rx8vrt2hn1hc.cloudfront.net d3t3ozftmdmh3i.cloudfront.net d12xoj7p9moygp.cloudfront.net	12 MB
36	anchor.fm anchor.fm Failed	93 KB
29	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	447 KB
29	vermelho.org.br 1 redirects vermelho.org.br	2 MB
14	googleapis.com fonts.googleapis.com	19 KB
12	google.com 3 redirects apis.google.com adservice.google.com www.google.com	36 KB
10	youtube.com www.youtube.com Failed	703 KB
8	googletagservices.com www.googletagservices.com	291 KB
8	google-analytics.com www.google-analytics.com	119 KB
5	sentry.io sentry.io	2 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	2 KB
4	google.de adservice.google.de www.google.de	2 KB
4	onesignal.com cdn.onesignal.com onesignal.com	82 KB
3	fontawesome.com use.fontawesome.com	160 KB
2	openx.net 2 redirects rtb.openx.net	580 B
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	agkn.com 2 redirects d.agkn.com	1 KB
2	quantserve.com cms.quantserve.com	925 B
2	wp.com stats.wp.com pixel.wp.com	3 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	456 B
1	innovid.com ag.innovid.com	296 B
1	mookie1.com 1 redirects odr.mookie1.com	693 B
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	googlevideo.com rr5---sn-4g5ednde.googlevideo.com	2 MB
1	ytimg.com i.ytimg.com	33 KB
1	ggpht.com yt3.ggpht.com	4 KB
1	googleadservices.com partner.googleadservices.com	639 B
1	googletagmanager.com www.googletagmanager.com	36 KB
315	30

	Domain	Requested by
46	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
36	anchor.fm	vermelho.org.br d1rx8vrt2hn1hc.cloudfront.net
29	vermelho.org.br	1 redirects vermelho.org.br
26	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net vermelho.org.br
20	d1rx8vrt2hn1hc.cloudfront.net	anchor.fm d1rx8vrt2hn1hc.cloudfront.net
19	pagead2.googlesyndication.com	vermelho.org.br pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
15	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
14	fonts.googleapis.com	vermelho.org.br d1rx8vrt2hn1hc.cloudfront.net googleads.g.doubleclick.net
12	www.gstatic.com	googleads.g.doubleclick.net www.youtube.com www.gstatic.com
11	cm.g.doubleclick.net	vermelho.org.br googleads.g.doubleclick.net
10	d12xoj7p9moygp.cloudfront.net	d1rx8vrt2hn1hc.cloudfront.net
10	www.youtube.com	vermelho.org.br www.youtube.com
8	www.googletagservices.com	googleads.g.doubleclick.net
8	www.google.com	3 redirects vermelho.org.br www.youtube.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com anchor.fm
6	d3t3ozftmdmh3i.cloudfront.net	anchor.fm d1rx8vrt2hn1hc.cloudfront.net vermelho.org.br
5	sentry.io	d1rx8vrt2hn1hc.cloudfront.net
4	image6.pubmatic.com	4 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	use.fontawesome.com	vermelho.org.br use.fontawesome.com
2	rtb.openx.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	d.agkn.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	csi.gstatic.com	www.gstatic.com
2	onesignal.com	cdn.onesignal.com
2	cdn.onesignal.com	vermelho.org.br cdn.onesignal.com
1	pixel.rubiconproject.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	rr5---sn-4g5ednde.googlevideo.com	googleads.g.doubleclick.net
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.google.de	vermelho.org.br
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.wp.com	vermelho.org.br
1	stats.wp.com	vermelho.org.br
1	apis.google.com	vermelho.org.br
1	www.googletagmanager.com	vermelho.org.br
315	43

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
grabois.org.br
www.patrialatina.com.br
baraodeitarare.org.br
www.solidnet.org
www.marx21.it
www.redebrasilatual.com.br
en.imsilkroad.com
portuguese.people.com.cn
www.prensalatina.com.br
portuguese.xinhuanet.com
marxismo21.org
hacklab.com.br

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
anchor.fm R3	`2021-09-26` - `2021-12-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-11-02` - `2022-01-11`	2 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 39 frames:

Primary Page: https://vermelho.org.br/
Frame ID: 71C6111D560893B7275A624D62C0A5AB
Requests: 75 HTTP requests in this frame

Frame: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps
Frame ID: AD4000919612E9B8F821ED982AA3A18D
Requests: 1 HTTP requests in this frame

Frame: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm
Frame ID: FFAD8809094267E194CEB47B013FEC28
Requests: 1 HTTP requests in this frame

Frame: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3
Frame ID: 0BCD4D5C8D2D7FD8C417D9088B434EEC
Requests: 1 HTTP requests in this frame

Frame: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v
Frame ID: 25D8F6C033AC9B9372EADAABB5DED3A4
Requests: 1 HTTP requests in this frame

Frame: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4
Frame ID: C2EA15DC98E6DC7F05EE0729B9E4EABD
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5-u7IYb9rX0
Frame ID: F33F06C116C456E4C536FCBF56186F9F
Requests: 1 HTTP requests in this frame

Frame: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps
Frame ID: C7F2200B50347F7F3CD68CC93ECA5848
Requests: 19 HTTP requests in this frame

Frame: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm
Frame ID: E1A151061C06390D6F38F2D4F4AF6F47
Requests: 17 HTTP requests in this frame

Frame: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3
Frame ID: BA75E738265E4E87016F6021EDF65A25
Requests: 17 HTTP requests in this frame

Frame: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v
Frame ID: 00192B9399334471C73A8EDA5C27FEF7
Requests: 17 HTTP requests in this frame

Frame: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4
Frame ID: F541BB100C283D8705FDF8F45E808C3E
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5-u7IYb9rX0
Frame ID: 92396D09F9BFB949A38B8DFE6EB9244B
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 00B30E24C6D15DA10E41E67B94801A48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2621348647&adf=921432228&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738543&bpp=6&bdt=627&idt=209&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=488001330560&frm=20&pv=2&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tIypaNQ94o&p=https%3A//vermelho.org.br&dtd=229
Frame ID: 5CD7A96B47DC94687D984EB52A0FBDE4
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2542960008&adf=20860639&pi=t.ma~as.3154128600&w=668&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=668x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738549&bpp=2&bdt=633&idt=232&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=466&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=olgNaOYkCV&p=https%3A//vermelho.org.br&dtd=235
Frame ID: DA7D4DEF7D36D4F7E088BBDA75121F00
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=250&slotname=3154128600&adk=3173649077&adf=2181454578&pi=t.ma~as.3154128600&w=319&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=319x250&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738551&bpp=1&bdt=635&idt=238&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1164&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8T8awcEDfD&p=https%3A//vermelho.org.br&dtd=241
Frame ID: 4EEB8539DAC0FA504071E8A8FE116921
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2744524826&adf=844217289&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738552&bpp=1&bdt=636&idt=244&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=17XuNIjq62&p=https%3A//vermelho.org.br&dtd=246
Frame ID: 0D8CCD4F3DD89F59E731014988A3B837
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251
Frame ID: 92FF0709E66AE24527548F1B39371FE7
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&adk=1812271804&adf=3025194257&lmt=1637375738&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvermelho.org.br%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738572&bpp=1&bdt=656&idt=243&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280&nras=1&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=251
Frame ID: 38E78E49AB776DAD392EE9DE34EA2972
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=600&adk=2624991116&adf=1760798979&pi=t.aa~a.1367758279~rp.4&w=299&fwrn=4&fwrnh=100&lmt=1637375739&rafmt=1&to=qs&pwprc=2615320843&psa=0&format=299x600&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375739601&bpp=1&bdt=1684&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0bf376222e1cb1ee-224368e3e3cb00b9%3AT%3D1637375739%3ART%3D1637375739%3AS%3DALNI_MY4r7CdIgfHsol2sLJ1er58iwzBlQ&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280%2C0x0&nras=2&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=127&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=IJPo5dm7Ix&p=https%3A//vermelho.org.br&dtd=14
Frame ID: FA1D76D6B028936DF2E954A0DCAA7E98
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&adk=1099912328&adf=4268860968&pi=t.aa~a.3690207914~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1637375739&rafmt=1&to=qs&pwprc=2615320843&psa=0&format=1200x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375739601&bpp=1&bdt=1685&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0bf376222e1cb1ee-224368e3e3cb00b9%3AT%3D1637375739%3ART%3D1637375739%3AS%3DALNI_MY4r7CdIgfHsol2sLJ1er58iwzBlQ&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280%2C0x0%2C299x600&nras=3&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=3563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=Q3ii9MQkKc&p=https%3A//vermelho.org.br&dtd=19
Frame ID: FC7D5424906A3991816BFC4EE84CCB2D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1
Frame ID: 352FA4FB4EB96A44431D4C481D9C8289
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 41DC2C79D8128E657B7FE530CB7A52AB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A99B7FFB162CEE0C87937889C51D9505
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 65FD220D1D6A5805E98BE00B0F45BD23
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: 6650D823FC40D5CB2E373D6FC5D2191E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: 8383355B7B91A83E1AE0D4B225823457
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 790E0CA27D211538406784118371C63A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: 1F924C136DA1D8E139EDB66CC5DF914E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: CC447DC2687BAA703CF142A48A09D070
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1376F7790C2BE31ACF63420DBDB46DC1
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: 010F0DCA1D088950E74A849A3B1C166A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 14EA2C28B703B95EA59A7E8C6A3D7852
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: B180F81516EEC15F9CF6E4E010AA4432
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: 7147646BAA73E8A1B2DBA4937081C215
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: 089F9D14CCD076C2007378EB4EA70AD9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4280E2B5E0D5E777EDC2379DB922C6C8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0890CD73BB76E082972696B62A7A5A96
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vermelho

Page URL History Show full URLs

http://vermelho.org.br/ HTTP 308
https://vermelho.org.br/ Page URL

Page Statistics

315
Requests

94 %
HTTPS

71 %
IPv6

30
Domains

43
Subdomains

35
IPs

5
Countries

19408 kB
Transfer

57219 kB
Size

33
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/vermelhobrasil/?fref=ts

Search URL Search Domain Scan URL

URL: https://twitter.com/portalvermelho

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/tevevermelho?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/follow?screen_name=@vermelho
Title: Seguir

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/tevevermelho
Title: Ver mais

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVdVGfX7medTd1v8idHGgnA?sub_confirmation=1
Title: Seguir canal

Search URL Search Domain Scan URL

URL: http://grabois.org.br/

Search URL Search Domain Scan URL

URL: https://www.patrialatina.com.br/

Search URL Search Domain Scan URL

URL: https://baraodeitarare.org.br/

Search URL Search Domain Scan URL

URL: https://www.solidnet.org/

Search URL Search Domain Scan URL

URL: https://www.marx21.it/

Search URL Search Domain Scan URL

URL: https://www.redebrasilatual.com.br/

Search URL Search Domain Scan URL

URL: https://en.imsilkroad.com/

Search URL Search Domain Scan URL

URL: http://portuguese.people.com.cn/

Search URL Search Domain Scan URL

URL: https://www.prensalatina.com.br/

Search URL Search Domain Scan URL

URL: http://portuguese.xinhuanet.com/

Search URL Search Domain Scan URL

URL: https://marxismo21.org/

Search URL Search Domain Scan URL

URL: https://hacklab.com.br/
Title: hacklab/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vermelho.org.br/ HTTP 308
https://vermelho.org.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 275

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 302

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJwM19384UXJ6NR5N3G-m6tY3ethslFGbKVioCvyLJeu9DjIFIJFAMPUIqy6JuMJx1bjiQJA8HdOp77skdOsd6M3tVYqpw&google_gid=CAESEK4qHrS1aOTzBgisaKrPWdA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVpoZS13QUFCUWZtSldIMg&google_push=AYg5qPJwM19384UXJ6NR5N3G-m6tY3ethslFGbKVioCvyLJeu9DjIFIJFAMPUIqy6JuMJx1bjiQJA8HdOp77skdOsd6M3tVYqpw

Request Chain 303

https://d.agkn.com/pixel/2175/?google_gid=CAESEA74jc7XQUYX_kqy2sFggwk&google_cver=1&google_push=AYg5qPL17edaRPZ6EjVRZP0m7Wapeoe_3uhrvQWTRsPY2R_PLNMmFu1kOI0FSlWeu9NtRBF8pWeUQZuFoyI76rNvY2VSfNA-3xI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL17edaRPZ6EjVRZP0m7Wapeoe_3uhrvQWTRsPY2R_PLNMmFu1kOI0FSlWeu9NtRBF8pWeUQZuFoyI76rNvY2VSfNA-3xI&google_hm=Q0FFU0VBNzRqYzdYUVVZWF9rcXkyc0ZnZ3dr

Request Chain 304

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJV9fdKz_ZV-NegGzDAUqP0&google_push=AYg5qPLZPXcMIGxxUrYcFzELnrs6knlFbOM6ymd_sdGS6HapcDx7kSlyFBO_sxNdtiKGlRbJ3gpTEEwOmfgbKE2LDPLuMlwYhg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPLZPXcMIGxxUrYcFzELnrs6knlFbOM6ymd_sdGS6HapcDx7kSlyFBO_sxNdtiKGlRbJ3gpTEEwOmfgbKE2LDPLuMlwYhg&google_hm=MTA4MTY2NjExNDM3MjA5Nzc4MzQ

Request Chain 305

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBKUCgdyzRTJf4Xo_yw5kcc&google_cver=1&google_push=AYg5qPJYGKs2xLPIEQj6ys4Adkr7pISbkPE1veBhoppA7NK9XdMfZB4LGSR_A_1vRuMaDhVPypYhSKcqbMis6juvUTJev_t4ihw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBKUCgdyzRTJf4Xo_yw5kcc&google_cver=1&google_push=AYg5qPJYGKs2xLPIEQj6ys4Adkr7pISbkPE1veBhoppA7NK9XdMfZB4LGSR_A_1vRuMaDhVPypYhSKcqbMis6juvUTJev_t4ihw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DXKrcpsDSzGK2QV21vL_fA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJYGKs2xLPIEQj6ys4Adkr7pISbkPE1veBhoppA7NK9XdMfZB4LGSR_A_1vRuMaDhVPypYhSKcqbMis6juvUTJev_t4ihw

Request Chain 306

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1

Request Chain 312

https://d.agkn.com/pixel/2175/?google_gid=CAESEA74jc7XQUYX_kqy2sFggwk&google_cver=1&google_push=AYg5qPIaLlf5ZHAEVh1CcJznn5GUzh5zLSUC8cyGsjgTftfsbk9G_N-53yAhNQLUfEqTbqxE0pvSS6e_hroGvtnAdJTZ-40vX76c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIaLlf5ZHAEVh1CcJznn5GUzh5zLSUC8cyGsjgTftfsbk9G_N-53yAhNQLUfEqTbqxE0pvSS6e_hroGvtnAdJTZ-40vX76c&google_hm=Q0FFU0VBNzRqYzdYUVVZWF9rcXkyc0ZnZ3dr

Request Chain 313

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJV_BOAMxzsHCHWLrinLU69pxB1zrKIEy74bi0B2HGxgEI-YW7e6tC7NumOsG5JsUV6-4OZbsTK9OWzyHx4x8eNkkx_vZ0&google_gid=CAESEGJF13uaebAyYVg4eLd_Gp0&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJV_BOAMxzsHCHWLrinLU69pxB1zrKIEy74bi0B2HGxgEI-YW7e6tC7NumOsG5JsUV6-4OZbsTK9OWzyHx4x8eNkkx_vZ0&google_gid=CAESEGJF13uaebAyYVg4eLd_Gp0&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjAwMjM1NDMwMDA3ODQwMzU3MzAzOQ%3D%3D&google_push=AYg5qPJV_BOAMxzsHCHWLrinLU69pxB1zrKIEy74bi0B2HGxgEI-YW7e6tC7NumOsG5JsUV6-4OZbsTK9OWzyHx4x8eNkkx_vZ0

Request Chain 314

https://rtb.openx.net/sync/dds?google_gid=CAESECSX1q3Kt-G-8CJEIcesOqQ&google_cver=1&google_push=AYg5qPKsInb_aluUFhiJrZIJjDCbagOttrmPZ3346ZUF54VH-Wxhxu6l6jEyU9UlKr-doQUi5mbxHeFcDp6L9DoH8JyEotT_I54 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESECSX1q3Kt-G-8CJEIcesOqQ&google_cver=1&google_push=AYg5qPKsInb_aluUFhiJrZIJjDCbagOttrmPZ3346ZUF54VH-Wxhxu6l6jEyU9UlKr-doQUi5mbxHeFcDp6L9DoH8JyEotT_I54&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKsInb_aluUFhiJrZIJjDCbagOttrmPZ3346ZUF54VH-Wxhxu6l6jEyU9UlKr-doQUi5mbxHeFcDp6L9DoH8JyEotT_I54&google_hm=vDqiRl48waUMql7NONTqXA==

Request Chain 315

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBKUCgdyzRTJf4Xo_yw5kcc&google_cver=1&google_push=AYg5qPIpn8KqhxVv16TaHT3e8YWYjUu2OlX32-p4X_wjItoGZY2W3iDabLTElVgAV6ZYsEXlVzQl9GaeBqEpnswMLg2CufZbCm7l HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBKUCgdyzRTJf4Xo_yw5kcc&google_cver=1&google_push=AYg5qPIpn8KqhxVv16TaHT3e8YWYjUu2OlX32-p4X_wjItoGZY2W3iDabLTElVgAV6ZYsEXlVzQl9GaeBqEpnswMLg2CufZbCm7l&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_1fK_D1TQjCGdC3Mv9Vhvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIpn8KqhxVv16TaHT3e8YWYjUu2OlX32-p4X_wjItoGZY2W3iDabLTElVgAV6ZYsEXlVzQl9GaeBqEpnswMLg2CufZbCm7l

Request Chain 316

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA3aOBWJdtzfKLgN3dfWePQ&google_cver=1&google_push=AYg5qPJWBMjmzZQ7AGecfXotBGmcTVIs_3TJhlr7Kt383eqh49RnTdDjHC7ndE8-l0wmkiSDCyB_y54sXHEDfSwj90NIKyLpoWM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c3NzhQOFUtWi1JWEFW&google_push=AYg5qPJWBMjmzZQ7AGecfXotBGmcTVIs_3TJhlr7Kt383eqh49RnTdDjHC7ndE8-l0wmkiSDCyB_y54sXHEDfSwj90NIKyLpoWM

Request Chain 317

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ

Request Chain 322

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 327

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

315 HTTP transactions
23 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vermelho.org.br/
Redirect Chain

http://vermelho.org.br/
https://vermelho.org.br/

138 KB
21 KB

158ms
132ms

Document
text/html

2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.10

Resource Hash

9a60e1c7b9f20b327b1a1ff989d6c61bbd77433ae22dc4a3a14d2be2b7636606

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 20 Nov 2021 02:35:37 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.10
link: <https://vermelho.org.br/wp-json/>; rel="https://api.w.org/" <https://vermelho.org.br/>; rel=shortlink
vary: Accept-Encoding
x-cacheable: YES
cache-control: max-age=900
x-unsetcookies: TRUE
x-varnish: 410122283 410847994
via: 1.1 varnish (Varnish/6.0)
age: 0
x-cache: HIT
strict-transport-security: max-age=15724800
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIxRe4cFmqqkxSOFAaoumm9r%2FcVhvBW14PEETuz8e1ar4KTHhmsSMpZopYNXVeUQa9kISXAhl5ROtUiZuIV9IRiJfFO03ZiZcXhmjgDVBbEFd%2FbgaFdYVHTGYuYA%2Fgrv207Rjs5REtzGj8V6WU4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b0e49392d866933-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 20 Nov 2021 02:35:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
location: https://vermelho.org.br/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipgrS3NSidRVx37BzJHP0oY5Y22GkFEDc1GJeH7GW%2Fp%2FSbZ3tUMIYVPQDlsUmTZ3N0Zn6pXvtIWnQseBH5%2F44zjeuIVq2B4Ab4ULZQ9wAsYeMmoXxZBZRiqt9bt%2BTLjnMFXFt6Zp61goQ0CuOPo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6b0e49387f8a5b50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lazyload.min.js Show response
vermelho.org.br/wp-content/plugins/w3-total-cache/pub/js/ 6 KB
3 KB 188ms
186ms Script
application/javascript 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a2eb06933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 15 Jan 2021 18:15:59 GMT
server: cloudflare
etag: W/"1883-5b8f45d3b924d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyQcOLgDIJHr2DyyTGluI5XZ4ViiQNIHekbVdAsHk5ZCiMmdvqdaHhJBXIyy2m3Wpifqw%2FtBf7FE3B5UZgVKAgOnLxr%2BWQVSd%2F%2FDC%2BJox2ltsyOHFHj%2BxSaoMLwfA%2BjuNdMjAjhWgw4iBPpqaoc%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 286689310 302057973
cache-control: max-age=14400
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 127ms
59ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16466631-1

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

340673960d6666b4ebc1abd7ef60c2828a21a61ae75a6e82d9b58ff25b1cd0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36117
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 20 Nov 2021 02:35:38 GMT

GET
H2 200 style.min.css
vermelho.org.br/wp-includes/css/dist/block-library/ 40 KB
6 KB 160ms
158ms Stylesheet
text/css 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-includes/css/dist/block-library/style.min.css?ver=5.3

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a2eb76933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Nov 2019 15:15:44 GMT
server: cloudflare
etag: W/"a1fb-5974ff4832800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSl720fUV%2BeWKjFGIQNzXPbN%2FUNZyj79qLllimaNE3ABN37aM%2BNIVWF6D3KaF72fCOGO00qdgzjSp8n4HmuxlFssRj3iO1kPeW5z5cDBTSISUgRx5bD3C7pTl9CVGnNSwZ4dZSKh3R4RknSjNbI%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 273378098 302057975
cache-control: max-age=14400
content-type: text/css

GET
H2 200 blocks.style.build.css
vermelho.org.br/wp-content/plugins/coblocks-extended/dist/ 124 KB
17 KB 167ms
164ms Stylesheet
text/css 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/plugins/coblocks-extended/dist/blocks.style.build.css?ver=1.17.3

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6f9d5fd0da9dcaed7fbff908f393acf2b16bf661bdf5cc1854997b0473d91fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a2ebb6933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 11 Dec 2019 04:05:13 GMT
server: cloudflare
etag: W/"1f196-59965bc45f040-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQY3hdW05KOBRf%2Fa40YPa7mLb75GLaH39EtLnA4bfxO1GqzkVUEW49WB2UNKNkG%2FhX%2BJCWRHlKCZ7K0MSNNCFA61bFB%2F79i7q9dsndLnkB53IKSywwCoGgdx8gGnGDkNUWICSRuuU8yTBSvTyBc%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 253100997 260592212
cache-control: max-age=14400
content-type: text/css

GET
H2 200 styles.css
vermelho.org.br/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1020 B 186ms
184ms Stylesheet
text/css 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a2ec06933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Jan 2020 19:29:19 GMT
server: cloudflare
etag: W/"66d-59d241fabb806-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZ2Yhhj9srleQRoTIjZ5Q2Xz0kvm%2FtDRzZZ%2BM%2FTzjIDdrZXNU4aaV%2FoowlKcjg0gz8jBKWcS8Xng7R%2FuackrnZTnnLXCXxJPLFQjIo2BPUyUfYnfgLmgFq59CXamgCWvq9CVtOFTNjbfa8lNpVE%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 273378097 260592214
cache-control: max-age=14400
content-type: text/css

GET
H2 200 front-flex.min.css
vermelho.org.br/wp-content/plugins/siteorigin-panels/css/ 971 B
737 B 157ms
155ms Stylesheet
text/css 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.10.13

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785e8ba1c5d874ec2ca991f74ee524b90617b8003060e8005074ff16597e1193

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a2ec26933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Nov 2019 20:54:57 GMT
server: cloudflare
etag: W/"3cb-59754b1b1ed4e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHL6P9OBPeI3maVyADJdMNnxUX6Vwe0rzEYDD6Cve4oQzhyY8s7elGyBJN16Sv94%2FUK%2BYxpGzktC%2FOsQlf96nE0XCjokL%2Be2v%2BCyJYRmPh8MJL5bfa9vzLOW9Rw1WI0qIZ%2Bgy0sIlKTj37jhyX8%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 299021759 254471199
cache-control: max-age=14400
content-type: text/css

GET
H2 200 foundation.min.css
vermelho.org.br/wp-content/themes/vermelho/dist/ 51 KB
10 KB 184ms
182ms Stylesheet
text/css 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/themes/vermelho/dist/foundation.min.css?ver=5.3

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

681f6c3adc00102724deae60d5335a91251b518fcb212fb47bbd7c18dc62a2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a2ec36933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 19 May 2021 19:57:46 GMT
server: cloudflare
etag: W/"cadf-5c2b43d8b6280-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaYb2NSVXo3wTahxny2FM3ZIj%2BDWE0ITVLpd7JVjZYk4r9Oii%2BhcejfpMYfhdlHaifg%2FYPkezewnoRG%2F7CBfKkc38iZwJK35WJCb4XSpYrYeF2WeFwdUamwLgWweeAz8ciwLzzRmEl%2B9ks6Vlwc%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 255254557 260592225
cache-control: max-age=14400
content-type: text/css

GET
H2 200 app.css
vermelho.org.br/wp-content/themes/vermelho/dist/ 48 KB
10 KB 163ms
161ms Stylesheet
text/css 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/themes/vermelho/dist/app.css?ver=1621454341

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e07af6e44fa7fd02b034eec47d8ca9005e28a0fb7f24b4ee0d4c1d4a5e7ee7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a2ec46933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 19 May 2021 19:59:01 GMT
server: cloudflare
etag: W/"c1ee-5c2b44203cb40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxucDt4XNvBICq4xv50o70Sg4ze7kBasLFttj3rtzUg1cJdTKwmAIb%2BCf07kMHmTxQYvxuZK2MsiBg%2B7mhDlona43NHwAJPlEZg8udro9b8y5U7t5yHudEJ%2F%2B59yWD9IMV73DxGuRqiiWfk9LSw%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 374116678 375334346
cache-control: max-age=14400
content-type: text/css

GET
H2 200 jetpack.css
vermelho.org.br/wp-content/plugins/jetpack/css/ 70 KB
13 KB 208ms
206ms Stylesheet
text/css 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/plugins/jetpack/css/jetpack.css?ver=8.3.1

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dd1db00ed32d1cf4187f2ae448791d5c1f1478521cf9fa6ac2c63d65f0c6cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a2ec56933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 03 Jun 2021 16:22:46 GMT
server: cloudflare
etag: W/"1188d-5c3defc511e14-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDBddk2Eei%2Fqb62DakVDhTKjYah0Y58xYxseiWf53PdLIsuvYzHL4BHWLaVSFtXEKBEnyuR5GmFJFmfFLUk3rMnv1xjgJADE2bjMPBLJLUblNuhw8Vkew28GP8xO8baS3URzGnD3%2BaQbbLHQzo4%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 301443758 260592221
cache-control: max-age=14400
content-type: text/css

GET
H2 200 jquery.js Show response
vermelho.org.br/wp-includes/js/jquery/ 95 KB
34 KB 186ms
185ms Script
application/javascript 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a2ec66933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Nov 2019 15:15:44 GMT
server: cloudflare
etag: W/"17a69-5974ff4832800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cx3Bf5rbgINVHDFYav3iCpBic%2FBp4tYRm0ydSVzbytPlXrK5bWi%2BslJmfDrF5t2qO%2BBNzZQm4K1NQhC9C5w9w%2Bisjh0dPC0MYYLgWSSrTF2cQkL7dxmNcdWBhGkKUNrv3qFQYgWaRzjjwL2o%2F4o%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 301861455 302057986
cache-control: max-age=14400
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
vermelho.org.br/wp-includes/js/jquery/ 10 KB
4 KB 157ms
156ms Script
application/javascript 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a2ec86933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Nov 2019 15:15:44 GMT
server: cloudflare
etag: W/"2748-5974ff4832800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8d4TQxElUxKWFiwuZXFZvPKeDYZEeG6ZiObfezDV5qy05xTw4jJd2JKerYVj85pZpG2W4Uqd8pxFDjWEvwrC9daKTR65iuKrC0zT%2F8lOOtLaPxf1yoZY2upEQORcP8XHJYwCR4A5Gi5MmzbaFc4%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 255254556 302057988
cache-control: max-age=14400
content-type: application/javascript

GET
H2 200 featured-videos.js Show response
vermelho.org.br/wp-content/plugins/pagebuilder-components/pagebuilder-components/widgets/featured-videos/ 649 B
631 B 221ms
219ms Script
application/javascript 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/plugins/pagebuilder-components/pagebuilder-components/widgets/featured-videos/featured-videos.js?ver=5.3

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e26912d92c35c13e9c6406ef81f5de72e92947303ad38823c1bd30783f15d6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a4ee86933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 19 May 2021 19:57:47 GMT
server: cloudflare
etag: W/"289-5c2b43d9aa4c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeJTyVASnr6Y06ujgt4mGdz4LOOvJkfR%2Fzc8wM3%2F2wYMFXrMOcbndFPu%2FsYttCdBzIn7eoyoiMjcT27f4SgILXM2LWDR9d891OgQHw43Dopw7TWMenOmTDweEmJ6M4JnoZbws%2FtzPOVvk1pRqWs%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 376383630 377362547
cache-control: max-age=14400
content-type: application/javascript

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 130ms
60ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?ver=5.3

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67487c184e81573e85c1989529a7226606910caf35efc057e65a72748912c216

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-53sCHqnw9BbQc2IUTkyuVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "b0c508509e665fb0f1dda47fb87819b9"
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-53sCHqnw9BbQc2IUTkyuVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires: Sat, 20 Nov 2021 02:35:38 GMT

GET
H2 200 frontend-gtag.min.js Show response
vermelho.org.br/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 9 KB
3 KB 223ms
222ms Script
application/javascript 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=7.17.0

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a4ee96933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 19 May 2021 17:19:05 GMT
server: cloudflare
etag: W/"23d2-5c2b2061115df-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vy74aLKL0kwY%2FPc1dQ%2B%2BpGljtocGquPDKEBkQf4ndSr2qN9rAepvn3noAkPKrTbOMsugx1VBt5N%2FQuxFe%2FR0W%2FWcFGY23J%2BAe6LfFRfQO28%2FG%2Bt1vh1gScn1XCdexuHvdYi0KsiZYiFjTEE3FvY%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 302058177 302057992
cache-control: max-age=14400
content-type: application/javascript

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.2/css/ 54 KB
13 KB 105ms
41ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by: Host: vermelho.org.br
URL: https://vermelho.org.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

Referer: https://vermelho.org.br/
Origin: https://vermelho.org.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11772813
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: F0SB581KDA0FAAAZ
x-amz-id-2: ioJwJP403M3ASmQAIEoOzFnjSQ+gjLE+3EoqWB0IpzKLKAMlj8RkyzDKAEh1JdyNAIp8K0rOVj4=
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
server: cloudflare
etag: W/"77cbad34e5ce95e70847b074e05faeab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbkFhP1OeP%2Fl%2FDEUby%2BTiowlXnHKbf%2FwRq94FKWQMcFOkr3E5S4DP0X6bK93qssGBZWODBqXMr0NctfeUWwLvdMUH0yQMIFWuCV%2BIxoHmibdGCVqkFBIbRp6m49miu2L7x1TomLOi3Ezm84g9k6DTe5L"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6b0e493a8d7d4e9e-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 119ms
54ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6647d73e9add3a0c2a28a4904c8da8d090aa1a255713c60c7f3deff38e55b71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51210
x-xss-protection: 0
server: cafe
etag: 15040106552737361130
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 02:35:38 GMT

GET
H2 200 scripts.js Show response
vermelho.org.br/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 198ms
197ms Script
application/javascript 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a4eec6933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 27 Jan 2020 19:29:19 GMT
server: cloudflare
etag: W/"3868-59d241faba866-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fu7xhuy6dZXkX00w30Yplid4e22pSwyMIlnsB6bukmnb88Lw%2FoCxPGzwhmEyrgSkig8TEYhrDKdQfubhGQu14sXE22PYpaDyAq6C%2FkeYSatutOG%2Ffj2OSdXPDSPSWK8H1Ee%2BOwBbCajV82Rwzf0%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 302058178 302057994
cache-control: max-age=14400
content-type: application/javascript

GET
H2 200 app.js Show response
vermelho.org.br/wp-content/themes/vermelho/dist/ 440 KB
156 KB 204ms
203ms Script
application/javascript 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/themes/vermelho/dist/app.js?ver=1621454341

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2d0de6ee8c30ba9c9721a9994c6478003805ecc56e4691ed69795f56d9db838

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a4eed6933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 19 May 2021 19:59:01 GMT
server: cloudflare
etag: W/"6e038-5c2b44203cb40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmyS5l1aOatKV5HCPJ0gpCaoGVNRhXbnc11zSVYtmStweG0nNIIZAAwXY1qxucMxVvOenhQV9HswQwRi0Pce1Ysk%2F2kD1MaZOfB9SNECbLeYj7YayFuYxiF9xCbxF4zl6O5ilDYy1yCgszJM0ZI%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 302058179 302057998
cache-control: max-age=14400
content-type: application/javascript

GET
H2 200 js.cookie.js Show response
vermelho.org.br/wp-content/themes/vermelho/assets/javascript/ 4 KB
2 KB 196ms
196ms Script
application/javascript 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/themes/vermelho/assets/javascript/js.cookie.js?ver=5.3

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a4eef6933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 19 May 2021 19:57:46 GMT
server: cloudflare
etag: W/"f2e-5c2b43d8b6280-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HlRaZapqMjep46ntdOmioe4%2BuL51gSsDA97yw8YUB4uSiV7UrqZijctUIXPSxM1FJuG64uRJoSfmN%2F4b5%2BJAgbipOnBw4dyB8SZTo2GG0vyiNfTjzcIapnvKVBkjb7RvpeOMs90MSvIblFMivE%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 300538421 302057996
cache-control: max-age=14400
content-type: application/javascript

GET
H2 200 acessibilidade.js Show response
vermelho.org.br/wp-content/themes/vermelho/assets/javascript/ 518 B
602 B 197ms
196ms Script
application/javascript 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/themes/vermelho/assets/javascript/acessibilidade.js?ver=5.3

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc3d8163b969402a568ff3c2e434bc8d2944e75b1109a51447f590d967bc2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a4ef06933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 19 May 2021 19:57:46 GMT
server: cloudflare
etag: W/"206-5c2b43d8b6280-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pW2rUORMya7bnjqkIMObS3c2vWndEF0d1l0FfjTCGLF5cuytitKy0dUuxqwFtrGPTG3LMiVZojlGxuh5yHVTFeZXiIO5pVhxTwB%2FMonrgnFXlQ76i2aN8KmE0X35KZcKMXHoheBsxZP5Bs%2B7NqI%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 397453422 396734799
cache-control: max-age=14400
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
vermelho.org.br/wp-includes/js/ 1 KB
1 KB 303ms
303ms Script
application/javascript 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-includes/js/wp-embed.min.js?ver=5.3

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a4ef16933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Nov 2019 15:15:44 GMT
server: cloudflare
etag: W/"577-5974ff4832800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDMDmIbg%2F1GVeKBlGDeXYS4%2B9mEK25kb2Iq7Op94LDfGxrzQQmqzV5H8YGAM%2B6V2l344uxDFYFkN3Y5nSWuw5cZZyvM7KBVzB2670ii%2BuMm9eEgASSjOhSqgtvq%2BRSJPwJXvKLszkKSwIG6DK8U%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 378178146 315375193
cache-control: max-age=14400
content-type: application/javascript

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 139ms
43ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.3
Requested by: Host: vermelho.org.br
URL: https://vermelho.org.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa081436fdbf78060847f4dbd6cc95f88a435c2f995e03aedf16cae94bb48762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3570
etag: W/"d24a6d0ec1286eeadae131b33275a983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b0e493cbdd3691b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 23 Nov 2021 02:35:38 GMT

GET
H2 200 styling-21013.min.js Show response
vermelho.org.br/wp-content/plugins/siteorigin-panels/js/ 802 B
742 B 302ms
302ms Script
application/javascript 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-content/plugins/siteorigin-panels/js/styling-21013.min.js?ver=2.10.13

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c62a6d499e21b15858aac54ab5ced3cd019f59658f235167a80164ea9fd96ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493a4ef26933-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Nov 2019 20:54:57 GMT
server: cloudflare
etag: W/"322-59754b1ae824c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cx4IsACkYG46GDCDvCRQulI8cVrEWOLD5inDzwGuEYguY1rz%2FBE6BScLKXg8B2ce0WE97XJyIon0O%2BlNPwGrtNrEjUYIrN2x9c6mKlLx%2BxAC6RyC%2F00jBhdCKQcOhzxzpj7GZ%2FIUXZGdVsFgOrY%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 409442047 406489214
cache-control: max-age=14400
content-type: application/javascript

GET
H2 200 e-202146.js Show response
stats.wp.com/ 9 KB
3 KB 93ms
33ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202146.js
Requested by: Host: vermelho.org.br
URL: https://vermelho.org.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nc: HIT hhn
date: Sat, 20 Nov 2021 02:35:38 GMT
content-encoding: br
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Thu, 10 Nov 2022 16:49:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 102ms
36ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16466631-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5671
date: Sat, 20 Nov 2021 01:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 20 Nov 2021 03:01:07 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vermelho.org.br/wp-includes/js/ 14 KB
5 KB 166ms
166ms Script
application/javascript 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vermelho.org.br/wp-includes/js/wp-emoji-release.min.js?ver=5.3

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493c2b664351-FRA
x-cache: HIT
x-unsetcookies: TRUE
strict-transport-security: max-age=15724800
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Nov 2019 15:15:44 GMT
server: cloudflare
etag: W/"362a-5974ff4832800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoNf84d421SB4%2Bgs4WwmAMLyJz52Ak77X6pzUBceIMJPjsggaEKIzw6pkFKYjagjxtUKI08VPO8S1%2F%2B0qBbv1KeO4DpYPI3toTjU0%2F%2BCRdcLcFzDRaRaSww%2BaTWBaYZTlp%2BdBPBf2XtJOiIHrQo%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 286689312 252417699
cache-control: max-age=14400
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 100ms
39ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bahiana|Josefin+Sans:400,700|Open+Sans:400,600,700|Open+Sans+Condensed:300|Voltaire&display=swap

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/wp-content/themes/vermelho/dist/app.css?ver=1621454341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f849607f550d3e11cf34445498da3bc51184515c7962144a7e3a2ba7b3531868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 02:35:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:38 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 500887f6239dc6685e055ce31de2caefd90089609e8df7842709a4184ad3609f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.2/webfonts/ 73 KB
73 KB 80ms
45ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Request headers

Referer: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Origin: https://vermelho.org.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7605325
cf-ray: 6b0e493c6fbc177e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 74328
x-amz-id-2: QDWcV7QGXVedv7E5d6mZEsFLKjHOI3353xTJGLgcQGTTqCEqCNWXypYj88wvKwQOmhsNVTmktGc=
last-modified: Wed, 30 Jun 2021 15:47:21 GMT
server: cloudflare
etag: "64b3e814a66c2719b15abf8f7998bd73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlE96URYfGyOG7qKR7v63nQxH%2FVa3nxaAwEDi%2FZ7UpoCnpfHEbwlr7lECZHLjq41mMI21Cfn33hmY8jMSomzS6JddgUnXOMT1jtWbjj38lMBWThUl%2FJFYRbgc6I4oVy7ERDz%2BeHoAMzV6orRnlzlP%2BQK"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: H7GA2PCKY09WF2EZ
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 108ms
36ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bahiana|Josefin+Sans:400,700|Open+Sans:400,600,700|Open+Sans+Condensed:300|Voltaire&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vermelho.org.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 45816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:52:02 GMT

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.2/webfonts/ 73 KB
74 KB 114ms
81ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.2/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169

Request headers

Referer: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Origin: https://vermelho.org.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11772811
cf-ray: 6b0e493c6fb9177e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 74656
x-amz-id-2: dYjyVzXzlS8BvJpvqPuCWn2kG/I7aPWBNY4IphBvllJCdWmSDchZMIGathXzhATsUg/zFemqyFE=
last-modified: Wed, 30 Jun 2021 15:47:20 GMT
server: cloudflare
etag: "9f4ce3dc689981a1b87faab0f5484f9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWVFb9XmLoOREx3DsN8Gbk75xlAUPFwZ%2Bw8nFq5Uto7V9AkA3UKOgQ%2Frh5DKF%2FKhIWrr6NUhL8miQTpuzlfLj%2FxYibDCuW9cWdXGqPNia2XcCEpGbS6YJBhyHyKsWxSYzh%2F2MGcKztI1WeDA%2BZf2SLbq"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: S2T00YGS77MBSSC1
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v20/ 26 KB
26 KB 177ms
105ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v20/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bahiana|Josefin+Sans:400,700|Open+Sans:400,600,700|Open+Sans+Condensed:300|Voltaire&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa1c72e44c5aa91d24fc6ef2966a7d68363dd342bc325989e9f4dfaae39f54f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vermelho.org.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:36:26 GMT
x-content-type-options: nosniff
age: 46752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26696
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:20:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:36:26 GMT

GET
H2 200 1Pttg8PcRfSblAvGvTovaqQ.woff2
fonts.gstatic.com/s/voltaire/v10/ 9 KB
9 KB 159ms
87ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/voltaire/v10/1Pttg8PcRfSblAvGvTovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bahiana|Josefin+Sans:400,700|Open+Sans:400,600,700|Open+Sans+Condensed:300|Voltaire&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6777e7eb907ab5b0f9772778a42ae096a5c9da1afc8fd5bec0c817ef4af437e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vermelho.org.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:21:46 GMT
x-content-type-options: nosniff
age: 47632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9200
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 19:46:27 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:21:46 GMT

GET a-a5g97ps
anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/ Frame AD40 0
0

GET Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm
anchor.fm/olhar65/embed/episodes/ Frame FFAD 0
0

GET Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3
anchor.fm/olhar65/embed/episodes/ Frame 0BCD 0
0

GET Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v
anchor.fm/olhar65/embed/episodes/ Frame 25D8 0
0

GET Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4
anchor.fm/olhar65/embed/episodes/ Frame C2EA 0
0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72c96fc8045125aa59cefda913c88cb73a126ad83ba766d04e585c2d3565c303

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb51857eea3ee25b45a8a8e7e92a63a07b75c4feb62904e5a61e53e5eeb6286d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f81177a287b9bb84978cd08666d3ca90a5604b244e94cfc69473958006c51a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 avatar.png
vermelho.org.br/wp-content/themes/vermelho/assets/images/ 1 KB
2 KB 165ms
165ms Image
image/png 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vermelho.org.br/wp-content/themes/vermelho/assets/images/avatar.png

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/wp-content/themes/vermelho/dist/app.css?ver=1621454341

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/wp-content/themes/vermelho/dist/app.css?ver=1621454341
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
x-cacheable: YES
cf-ray: 6b0e493c8bd04351-FRA
x-cache: HIT
x-unsetcookies: TRUE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1528
last-modified: Wed, 19 May 2021 19:57:46 GMT
server: cloudflare
etag: "5f8-5c2b43d8b6280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PBfFL2kU7OzLR4%2FbA9rFDROU7a5tokD46L0nachqmGsh%2FYizMTwxzIYFH6QKMZGAYTQXyaWIuiVe%2Fxuat%2Bc1iQPpEp4T621%2FNzjAgyNJKLpaiihvUra%2FqtwEVOxrt8Sqbjp9NGyKZqweqbN5Ko%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 410662508 405436590
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/png

GET
H3 200 logo-textless.png
vermelho.org.br/wp-content/themes/vermelho/assets/images/ 12 KB
13 KB 172ms
172ms Image
image/png 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vermelho.org.br/wp-content/themes/vermelho/assets/images/logo-textless.png

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/wp-content/themes/vermelho/dist/app.css?ver=1621454341

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4973fef166b9b68e98dd622660a5f80fc3e72ffbe692aa5b6e1a744d9db94af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/wp-content/themes/vermelho/dist/app.css?ver=1621454341
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
x-cacheable: YES
cf-ray: 6b0e493c8bd34351-FRA
x-cache: HIT
x-unsetcookies: TRUE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12195
last-modified: Wed, 19 May 2021 19:57:46 GMT
server: cloudflare
etag: "2fa3-5c2b43d8b6280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7WYFmB9CC7w4zkfFI%2FXmZ%2BVWo34ACu%2Fi47DiDgcA9Hitivttjp5IVBfJqIjM7%2BabuveGcoBa6lpmiQSGQIyLqSx9rfslLfXHsfCwebr3Gn%2B5BNihAuoEzGS7fekrgn1AR96h0PclnT8D4wgxCU%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 404517877 404679049
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 15 KB
15 KB 120ms
100ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bahiana|Josefin+Sans:400,700|Open+Sans:400,600,700|Open+Sans+Condensed:300|Voltaire&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vermelho.org.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 04:22:05 GMT
x-content-type-options: nosniff
age: 80013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14872
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 04:22:05 GMT

GET 5-u7IYb9rX0
www.youtube.com/embed/ Frame F33F 0
0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 799b784221425b49203a719181ffb89ddc0450e8650a177599c11ad5e446f56d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c18dcfa8f1ea9e798a49993ca4140c4e8ba8d7ca21d93dbc336c736e53fac4cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 prosa-poesia_widget.png
vermelho.org.br/wp-content/themes/vermelho/assets/images/ 1 MB
1 MB 225ms
225ms Image
image/png 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vermelho.org.br/wp-content/themes/vermelho/assets/images/prosa-poesia_widget.png

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/wp-content/themes/vermelho/dist/app.css?ver=1621454341

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cf3207fc8cd56e5fd77f3a4452ce54bd6ea0aa3f090a88917fcb7b3639b61e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/wp-content/themes/vermelho/dist/app.css?ver=1621454341
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
x-cacheable: YES
cf-ray: 6b0e493cbc024351-FRA
x-cache: HIT
x-unsetcookies: TRUE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1412278
last-modified: Wed, 19 May 2021 19:57:46 GMT
server: cloudflare
etag: "158cb6-5c2b43d8b6280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSgu77E13MMl1feO9HVAfzDyFwVUsxl1tU1uU5iWC509UD%2F0ltQ6f4P0ux4A7rMg%2FF9cgCHsxLf%2FuYbSMjv6CvQw1U4tpZM1yQBbHrG1HmoA9qrIB9fWzcXGmoZyTQkiBfMbthz4RlU%2Fa6wMsCc%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 410885310 406517122
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 uU9PCBUV4YenPWJU3xTR3w.woff2
fonts.gstatic.com/s/bahiana/v7/ 16 KB
17 KB 114ms
114ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bahiana/v7/uU9PCBUV4YenPWJU3xTR3w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bahiana|Josefin+Sans:400,700|Open+Sans:400,600,700|Open+Sans+Condensed:300|Voltaire&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b0f25226689e8ba1edfc45c191aa3540d34407605df88b5d830137373cfb308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vermelho.org.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 18:24:57 GMT
x-content-type-options: nosniff
age: 375041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16872
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 04:02:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 18:24:57 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c202f23c7e3f453c5114bb94690c6c88a4fcbfb9c9008e03f8f6617fbc10c690

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 a-a5g97ps Show response
anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/ Frame C7F2 177 KB
30 KB 187ms
173ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/wp-content/themes/vermelho/dist/app.js?ver=1621454341

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

280eabb280d3ecf13a0d195d35114d2fb0060e882fed9a8225b896ccc558f649

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: public, s-maxage=86400, max-age=0
etag: W/"2c4c0-oYnhITkmoJt7IquoN7krj8cvruk"
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 20 Nov 2021 02:35:38 GMT
age: 60624
x-served-by: cache-dca17777-DCA, cache-fra19161-FRA
x-cache: HIT, MISS
x-cache-hits: 1, 0
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 30862

GET
H2 200 Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm Show response
anchor.fm/olhar65/embed/episodes/ Frame E1A1 17 KB
6 KB 155ms
143ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/wp-content/themes/vermelho/dist/app.js?ver=1621454341

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

5ec68a03ce8a66c2868e589a402c268e3decb59db6fe66510da42531a38a4490

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: public, s-maxage=120, max-age=0
etag: W/"43da-9ZkrJ4rxovB0SwIZivpiqQyqTt8"
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 20 Nov 2021 02:35:38 GMT
age: 79
x-served-by: cache-dca17756-DCA, cache-fra19161-FRA
x-cache: HIT, MISS
x-cache-hits: 1, 0
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 5565

GET
H2 200 Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3 Show response
anchor.fm/olhar65/embed/episodes/ Frame BA75 17 KB
6 KB 145ms
135ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/wp-content/themes/vermelho/dist/app.js?ver=1621454341

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

97eb37fb5978dc93ee005921feeea6fcf1edf214a18e91c694282de8a75e470d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: public, s-maxage=120, max-age=0
etag: W/"43da-h2Udka0mK+S172H91l0unF89+5I"
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 20 Nov 2021 02:35:38 GMT
age: 79
x-served-by: cache-dca17768-DCA, cache-fra19161-FRA
x-cache: HIT, MISS
x-cache-hits: 1, 0
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 5566

GET
H2 200 Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v Show response
anchor.fm/olhar65/embed/episodes/ Frame 0019 17 KB
6 KB 156ms
148ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/wp-content/themes/vermelho/dist/app.js?ver=1621454341

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

a65968a8e9ea6126eb6fe9863c08b4300d84188ea5a7bcd5a8772eed0094f356

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: public, s-maxage=120, max-age=0
etag: W/"43da-TP2NrnBo/2xPPk4YMvPDHVmRzI0"
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 20 Nov 2021 02:35:38 GMT
age: 79
x-served-by: cache-dca17736-DCA, cache-fra19161-FRA
x-cache: HIT, MISS
x-cache-hits: 1, 0
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 5566

GET
H2 200 Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4 Show response
anchor.fm/olhar65/embed/episodes/ Frame F541 17 KB
6 KB 145ms
140ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/wp-content/themes/vermelho/dist/app.js?ver=1621454341

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

d19bf1f367f5cccc68de7200764b86ce5113debd0c95dda86df7071511c8c13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

content-type: text/html; charset=utf-8
x-powered-by: Express
cache-control: public, s-maxage=120, max-age=0
etag: W/"43da-kjgiIS5MJnwSL4BmmR5CcB14nWY"
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 20 Nov 2021 02:35:38 GMT
age: 78
x-served-by: cache-dca17744-DCA, cache-fra19161-FRA
x-cache: HIT, MISS
x-cache-hits: 1, 0
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-length: 5567

GET
H2 200 5-u7IYb9rX0 Show response
www.youtube.com/embed/ Frame 9239 59 KB
25 KB 159ms
91ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/5-u7IYb9rX0

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/wp-content/themes/vermelho/dist/app.js?ver=1621454341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

daee335f9488c86ad37209f622d71e5aaedb5b19a5c89abd81df79ca60017922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Nov 2021 02:35:38 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 42ms
41ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A8.3.1&blog=172107700&post=406387&tz=-3&srv=vermelho.org.br&host=vermelho.org.br&ref=&fcp=643&rand=0.050537417935839324
Requested by: Host: vermelho.org.br
URL: https://vermelho.org.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Nov 2021 02:35:38 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 98ms
45ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 20 Nov 2021 03:26:51 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 107ms
55ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0be76c911338a04a147d23494fe0bba1e96cb78a4c6efce737b072466c8a346

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 387
etag: W/"f5b476c39d3850a1e9c745df927a7adc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b0e493e0f265bf1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 23 Nov 2021 02:35:38 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 270 KB
97 KB 107ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4974601214562308&plah=vermelho.org.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

016b262721520b42254b260dd780a6811da4b1de05556348fdbbdd03f510df47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99573
x-xss-protection: 0
server: cafe
etag: 18360881401595388540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 02:35:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 00B3 11 KB
5 KB 131ms
41ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 19 Nov 2021 06:55:30 GMT
expires: Fri, 03 Dec 2021 06:55:30 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 70808
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 logo.png
vermelho.org.br/wp-content/themes/vermelho/assets/images/ 12 KB
12 KB 277ms
277ms Image
image/png 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vermelho.org.br/wp-content/themes/vermelho/assets/images/logo.png

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a468d753433d65e52288ad8479ea077d49b61cc2d7003747766c27acdb85e856

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: REVALIDATED
x-cacheable: YES
cf-ray: 6b0e493e4deb4351-FRA
x-cache: HIT
x-unsetcookies: TRUE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11794
last-modified: Wed, 19 May 2021 19:57:46 GMT
server: cloudflare
etag: "2e12-5c2b43d8b6280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pV4JLLqC4br67ZzMcJwB89jOHR%2B93G48vtyM9hSqWxd5RrBIjvVnTtmAed2eoQzfm9F6RVsfJc5RZkL3tYSSO%2BMj%2Bv5ySyANL63oJbZFb1tLHjbfY0KgqR5e3fDpBQOon4YLd4FgsjuY3IXUcmk%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 295077254 253376486
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/png

GET
H3 200 consciencia-negra-1902x951-1-700x387.jpg
vermelho.org.br/wp-content/uploads/2020/11/ 32 KB
33 KB 333ms
332ms Image
image/jpeg 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vermelho.org.br/wp-content/uploads/2020/11/consciencia-negra-1902x951-1-700x387.jpg

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

010b43f9051b9c6ca0f216db578e67a42d5e0802c77c8d53ef9d718f9781a6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
x-cacheable: YES
cf-ray: 6b0e493e4dee4351-FRA
x-cache: HIT
x-unsetcookies: TRUE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33227
last-modified: Fri, 20 Nov 2020 14:39:07 GMT
server: cloudflare
etag: "81cb-5b48ace938ab3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MY0Pl8APsRzXL7Ldo92s7JUwPfh6BroLUbaK6NswalwPI0r3QNWCncpomi%2B4UbmxugZc9BJW1KnDbJkkvzsBfkskD3d5iLlDnZ7lwV1HcZXmW%2FJfohpofzAnfKfmz1LwJ03SqaShFUmQfFa7hGM%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 411011758 404155135
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/jpeg

GET
H3 200 faixas-700x387.jpg
vermelho.org.br/wp-content/uploads/2021/11/ 68 KB
69 KB 302ms
302ms Image
image/jpeg 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vermelho.org.br/wp-content/uploads/2021/11/faixas-700x387.jpg

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93404e3aa5816108cac14b006217d7d57ffb5e7aa827112f1924ee4650dcc3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
x-cacheable: YES
cf-ray: 6b0e493e4def4351-FRA
x-cache: HIT
x-unsetcookies: TRUE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 69813
last-modified: Sat, 20 Nov 2021 00:33:10 GMT
server: cloudflare
etag: "110b5-5d12d89478008"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2F4bdf91fQkHY%2BaZ70hFZ2GmoBHr3pe7okaJPIHDiTI1Ob%2BDmSHVLx9pn7NWQXM1PgXbQzfY2SRVrXGEXFumFwW7%2FJabYLUrDy8NsKIdNpoPoq6JyfH%2FckxoFit%2FF6fVBs3qlMR74D8cMq8WUzw%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 410949511 410690376
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/jpeg

GET
H3 200 Captura-de-Tela-2021-11-19-a%CC%80s-19.28.56-700x387.png
vermelho.org.br/wp-content/uploads/2021/11/ 388 KB
389 KB 571ms
571ms Image
image/png 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vermelho.org.br/wp-content/uploads/2021/11/Captura-de-Tela-2021-11-19-a%CC%80s-19.28.56-700x387.png

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d93f8b50f58efba0b2bab20ba32aba45dd3a30632e2e484df52078550c6ed2d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
x-cacheable: YES
cf-ray: 6b0e493e4df04351-FRA
x-cache: HIT
x-unsetcookies: TRUE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 397215
last-modified: Fri, 19 Nov 2021 22:29:56 GMT
server: cloudflare
etag: "60f9f-5d12bd08b3288"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FqLP86Vyf2MSnQnUCpIcgtjxxUqNdVlUvHLezojVwPhSBVA%2FMzewAIERea3Mh2soE%2B2LVzk1wHiAZzLetiB7g3S%2FTtjWjtzAclUvmr%2B9dCdskw5h%2BJUHNojuFnyV3EpWFCJir99edYbIPqtplo%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 411011759 404155145
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/png

GET
H3 200 Hamilton-LAT-Images-for-Mercedes-Benz-Grand-Prix-Ltd-700x387.jpg
vermelho.org.br/wp-content/uploads/2021/11/ 48 KB
49 KB 742ms
742ms Image
image/jpeg 2606:4700:3037::ac43:9ae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vermelho.org.br/wp-content/uploads/2021/11/Hamilton-LAT-Images-for-Mercedes-Benz-Grand-Prix-Ltd-700x387.jpg

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9ae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab32db68ce6fe74ef430dae027cea86b4a985324de3e733fd76043864ba0596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
x-cacheable: YES
cf-ray: 6b0e493e4df14351-FRA
x-cache: HIT
x-unsetcookies: TRUE
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15724800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 49178
last-modified: Fri, 19 Nov 2021 14:08:02 GMT
server: cloudflare
etag: "c01a-5d124cd9d7959"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8z938Bc1MDRaXDXy40btr%2F4zssykdIIpJGzjwtlSeqJXi5ag2VQNiUm7oI9pf0Vm9FTa92NZc0MVJvhZijegcpwyDlI2LYVj%2Bs8TxbFlIlT4cAO5haqce%2F35N47q%2BHFiOJWBa6SiFMcOaQU1X2Q%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 404517878 407161294
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 bundle-141e4bbf792a8814d582.css
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame BA75 327 KB
58 KB 210ms
67ms Stylesheet
text/css 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css
Requested by: Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f204659054c21bc4cd369803dc27e86f32015b8dc8b9c39e64847f3c0f295af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:38 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:14 GMT
server: AmazonS3
age: 12361
etag: W/"443f14e1d454b6baf98ebe5708add30a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: -m4ZiOXx-irVTob9KrDrJ4q0seE-5jL3u4vVwUPqG-cBUIzfFrVdUQ==

GET
H2 200 ProfileEpisodeContainer-141e4bbf792a8814d582.css
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame BA75 45 KB
8 KB 326ms
184ms Stylesheet
text/css 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/ProfileEpisodeContainer-141e4bbf792a8814d582.css
Requested by: Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbd90b0c9d18f5198f6505fe69913c81c0d2ffa5536bdea1144fd4c5acca37f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:38 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:08 GMT
server: AmazonS3
age: 12361
etag: W/"e6f4605e6ad6fa69caf7ec4299ff3c0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: an008d7bCm5VATrq41JYMJIxQdB53S0XjLuY3qMjscyGAyIXol9iJw==

GET
H2 200 bundle-141e4bbf792a8814d582.js Show response
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame BA75 8 MB
2 MB 150ms
146ms Script
application/javascript 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js
Requested by: Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd6818895fddb9f737d42abc4a0303821256f704c04df2bf0daada410ea7c71d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:39 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:17 GMT
server: AmazonS3
age: 12360
etag: W/"16d43c355d3771a1ab33b8fe6e93b6fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 00yXFoATIO_k9jtbEuqm8Gwpm1QDb0ydoZTN01GGrK0l78GpGAZDBg==

GET
H2 200 bundle-141e4bbf792a8814d582.css
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame F541 327 KB
58 KB 382ms
240ms Stylesheet
text/css 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css
Requested by: Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f204659054c21bc4cd369803dc27e86f32015b8dc8b9c39e64847f3c0f295af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:38 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:14 GMT
server: AmazonS3
age: 12361
etag: W/"443f14e1d454b6baf98ebe5708add30a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: UUcA3q8LAgZi79chEM_5QyMXgjd3Luj4YLKcnA3Ja9KFayvKTsK1ag==

GET
H2 200 ProfileEpisodeContainer-141e4bbf792a8814d582.css
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame F541 45 KB
8 KB 446ms
304ms Stylesheet
text/css 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/ProfileEpisodeContainer-141e4bbf792a8814d582.css
Requested by: Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbd90b0c9d18f5198f6505fe69913c81c0d2ffa5536bdea1144fd4c5acca37f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:38 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:08 GMT
server: AmazonS3
age: 12361
etag: W/"e6f4605e6ad6fa69caf7ec4299ff3c0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 84TlWVNPPIr1ay5UAWl-Vr4vg2zWfZ1ueLOiWqJq_keJOfpJmn2iPQ==

GET
H2 200 bundle-141e4bbf792a8814d582.js Show response
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame F541 8 MB
2 MB 879ms
879ms Script
application/javascript 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js
Requested by: Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd6818895fddb9f737d42abc4a0303821256f704c04df2bf0daada410ea7c71d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:39 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:17 GMT
server: AmazonS3
age: 12361
etag: W/"16d43c355d3771a1ab33b8fe6e93b6fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: IrSwxOCBeWRomP7TJw_Tmyo3Cm5qamgvTT3FXnMvuSdeoHaJnlrJEg==

GET
H2 200 bundle-141e4bbf792a8814d582.css
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame E1A1 327 KB
58 KB 326ms
184ms Stylesheet
text/css 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css
Requested by: Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f204659054c21bc4cd369803dc27e86f32015b8dc8b9c39e64847f3c0f295af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:38 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:14 GMT
server: AmazonS3
age: 12361
etag: W/"443f14e1d454b6baf98ebe5708add30a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: TzisJjsX_Odh4Al525knxOEBKEBvxiryzHyh31ioV3TXRFdSEQdb-Q==

GET
H2 200 ProfileEpisodeContainer-141e4bbf792a8814d582.css
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame E1A1 45 KB
8 KB 442ms
301ms Stylesheet
text/css 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/ProfileEpisodeContainer-141e4bbf792a8814d582.css
Requested by: Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbd90b0c9d18f5198f6505fe69913c81c0d2ffa5536bdea1144fd4c5acca37f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:38 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:08 GMT
server: AmazonS3
age: 12361
etag: W/"e6f4605e6ad6fa69caf7ec4299ff3c0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Xa6AjIFu4F89X68jQIAhaciKUoVT0dXiWr9OPk2-d-wx4P6q7r6b3Q==

GET
H2 200 bundle-141e4bbf792a8814d582.js Show response
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame E1A1 8 MB
2 MB 585ms
585ms Script
application/javascript 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js
Requested by: Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd6818895fddb9f737d42abc4a0303821256f704c04df2bf0daada410ea7c71d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:39 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:17 GMT
server: AmazonS3
age: 12361
etag: W/"16d43c355d3771a1ab33b8fe6e93b6fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tdqYoc1N2LXpvKaUilCjCWuBLWcKMCy3wvM0Iwtp0hE7y5R06gb3VQ==

GET
H2 200 bundle-141e4bbf792a8814d582.css
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame 0019 327 KB
58 KB 462ms
321ms Stylesheet
text/css 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css
Requested by: Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f204659054c21bc4cd369803dc27e86f32015b8dc8b9c39e64847f3c0f295af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:38 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:14 GMT
server: AmazonS3
age: 12361
etag: W/"443f14e1d454b6baf98ebe5708add30a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: M1yILrMhp89FVopNJ4gS7mKwK-IB3GgaY2A8smFu9q1jMmFUim02mw==

GET
H2 200 ProfileEpisodeContainer-141e4bbf792a8814d582.css
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame 0019 45 KB
8 KB 450ms
309ms Stylesheet
text/css 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/ProfileEpisodeContainer-141e4bbf792a8814d582.css
Requested by: Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbd90b0c9d18f5198f6505fe69913c81c0d2ffa5536bdea1144fd4c5acca37f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:38 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:08 GMT
server: AmazonS3
age: 12361
etag: W/"e6f4605e6ad6fa69caf7ec4299ff3c0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: k7pr-kxG-YuLfp3arbjmfxGZAAucSckFDQo5A_bWyrL0ZiD091ISqw==

GET
H2 200 bundle-141e4bbf792a8814d582.js Show response
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame 0019 8 MB
2 MB 904ms
904ms Script
application/javascript 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js
Requested by: Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd6818895fddb9f737d42abc4a0303821256f704c04df2bf0daada410ea7c71d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:39 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:17 GMT
server: AmazonS3
age: 12361
etag: W/"16d43c355d3771a1ab33b8fe6e93b6fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4VPne1zozt4hYM6Tx4pUxKQFc_dsijRQqyiO3gGRro8Dac47NEixuA==

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/ad2aeb77/ Frame 9239 336 KB
46 KB 92ms
44ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad2aeb77/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5-u7IYb9rX0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aaf90b8a7792c137daa8a324bfc07b5bf47a1b4c71bdb4e2b8675008b48afee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5-u7IYb9rX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 00:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47193
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 01:17:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 20 Nov 2022 00:03:34 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/ad2aeb77/www-embed-player.vflset/ Frame 9239 214 KB
70 KB 90ms
43ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad2aeb77/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5-u7IYb9rX0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59215215ab74c1db96fd8ab0ab80ca05ebbbae6afc8ba156c5ae53b83fd652a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5-u7IYb9rX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71869
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 01:17:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 20 Nov 2022 02:14:24 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/ Frame 9239 2 MB
522 KB 157ms
110ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5-u7IYb9rX0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7954f007e9aa82d6e368ba89484584d864ed1939ad5b3ba187c26dc38e3901f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5-u7IYb9rX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 534562
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 01:17:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 18 Nov 2022 15:36:10 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ad2aeb77/fetch-polyfill.vflset/ Frame 9239 8 KB
3 KB 155ms
107ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad2aeb77/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5-u7IYb9rX0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5-u7IYb9rX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 01:17:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 18 Nov 2022 15:36:31 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
46ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2129034438&t=pageview&_s=1&dl=https%3A%2F%2Fvermelho.org.br%2F&ul=en-us&de=UTF-8&dt=Vermelho&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=258931775&gjid=1363370312&cid=2119234257.1637375738&tid=UA-16466631-1&_gid=1674602506.1637375738&_r=1&gtm=2ouba1&did=dZGIzZG&gdid=dZGIzZG&z=240585710

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vermelho.org.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vermelho.org.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle-03520174890d3cd702a1.css
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame C7F2 327 KB
58 KB 420ms
285ms Stylesheet
text/css 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.css
Requested by: Host: anchor.fm
URL: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf458405b2d36ebb75f11aed227db509eaabf99ad1e42cc7f8edc1372c146941

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 02:23:54 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:42:43 GMT
server: AmazonS3
age: 87105
etag: W/"191490ebf04dcf7b53d781db68920632"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0gkVL34xr0QaHczM3rux9rXURFWOO-cLEEh2lw_LF-jqM6a_nRYJkA==

GET
H2 200 ProfileEpisodeContainer-03520174890d3cd702a1.css
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame C7F2 45 KB
8 KB 439ms
304ms Stylesheet
text/css 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/ProfileEpisodeContainer-03520174890d3cd702a1.css
Requested by: Host: anchor.fm
URL: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d49750f29724f6519e7461b32849b7c2f76f8101a1d47ce449ba3043734e92c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 02:23:54 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:42:37 GMT
server: AmazonS3
age: 87105
etag: W/"f6ee96059a64e110376beb623c61567b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _qmrQxcznDk0-ctrLox0ndo5AHYl0dhlrSvqaIyGV0lul-rGTNUvpg==

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9239 15 KB
15 KB 87ms
37ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5-u7IYb9rX0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 293337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 17:06:41 GMT

GET
H2 200 bundle-03520174890d3cd702a1.js Show response
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame C7F2 8 MB
2 MB 917ms
917ms Script
application/javascript 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.js
Requested by: Host: anchor.fm
URL: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b76916678f29381eb46e3c527540b3b580f88ce94491131308ac406d4bc620e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 02:23:55 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:42:46 GMT
server: AmazonS3
age: 87105
etag: W/"8a109ff2cdfc16d06a9aa26e5335237c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 1mjyH_3KMfT4cSA4xP-R3PrNM6d1w7o3-7HUmxtbyBa0C4fdcCFwrg==

GET
H2 200 2460605-1620400161716-c2a5453222551.jpg
d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_episode400/2460605/ Frame C7F2 60 KB
60 KB 525ms
135ms Image
image/jpg 2600:9000:2156:5c00:7:c135:4380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_episode400/2460605/2460605-1620400161716-c2a5453222551.jpg
Requested by: Host: anchor.fm
URL: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:7:c135:4380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02d30094919da411d90ad158ee1ee772f824e9fd113dd7e9b13590e797af6099

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 05:38:43 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 15:09:23 GMT
server: AmazonS3
age: 75417
etag: "106594a6677ad1b894d5c3f00ec5e6b9"
x-cache: Hit from cloudfront
content-type: image/jpg
x-amz-meta-content-type: image/jpg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 61134
x-amz-cf-id: YjlTHRiaXH-CLe8sovXL42n-151-4_Ytdj10THar0Sym-F_SngnLKg==

GET
H2 200 web Show response
onesignal.com/api/v1/sync/6d1b6de9-45dd-4aa6-a77d-a7d86d8c9c6f/ 3 KB
2 KB 90ms
50ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/6d1b6de9-45dd-4aa6-a77d-a7d86d8c9c6f/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691af040ae9acd5fca6095dea68c1ff14652d42378dbbc63c92a6c5b9a8f94d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1116
cf-polished: origSize=3330
status: 200 OK
x-envoy-upstream-service-time: 33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: fb0c289d-35b1-4d36-877f-4e780de6b5a2
x-runtime: 0.030702
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"71b942f2d43a1071007c928a2dbeff51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6b0e493f28bd691b-FRA
access-control-allow-headers: SDK-Version
expires: Sat, 20 Nov 2021 03:35:38 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 174ms
61ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16466631-1&cid=2119234257.1637375738&jid=258931775&gjid=1363370312&_gid=1674602506.1637375738&_u=aGBAAUIgAAAAAC~&z=303455640

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vermelho.org.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 20 Nov 2021 02:35:38 GMT
content-type: text/plain
access-control-allow-origin: https://vermelho.org.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
639 B 451ms
73ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vermelho.org.br&callback=_gfp_s_&client=ca-pub-4974601214562308

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4974601214562308&plah=vermelho.org.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6adecd563358549890941c65cafdb83b9685a1707afd2e695133702eb1dc3090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 166ms
50ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vermelho.org.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 02:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 211ms
94ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vermelho.org.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 02:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5CD7 88 KB
30 KB 554ms
487ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2621348647&adf=921432228&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738543&bpp=6&bdt=627&idt=209&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=488001330560&frm=20&pv=2&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tIypaNQ94o&p=https%3A//vermelho.org.br&dtd=229

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aa29e5ee2a9f041f8252d1e747848df7058e70788d1818eac96a697e72878f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Nov 2021 02:35:39 GMT
server: cafe
content-length: 31090
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Nov 2021 02:35:39 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DA7D 81 KB
29 KB 352ms
297ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2542960008&adf=20860639&pi=t.ma~as.3154128600&w=668&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=668x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738549&bpp=2&bdt=633&idt=232&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=466&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=olgNaOYkCV&p=https%3A//vermelho.org.br&dtd=235

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1956c53bc8e4d0a48803388e5c2f094e7eb3ba411ffb84eb2ac4358af39f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Nov 2021 02:35:39 GMT
server: cafe
content-length: 29922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Nov 2021 02:35:39 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4EEB 98 KB
31 KB 369ms
321ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=250&slotname=3154128600&adk=3173649077&adf=2181454578&pi=t.ma~as.3154128600&w=319&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=319x250&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738551&bpp=1&bdt=635&idt=238&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1164&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8T8awcEDfD&p=https%3A//vermelho.org.br&dtd=241

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

521d244c465ba4f60aaaf81fa420a7aef88923d0891a4725db29d8cbd4239bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Nov 2021 02:35:39 GMT
server: cafe
content-length: 31530
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Nov 2021 02:35:39 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D8C 89 KB
30 KB 453ms
412ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2744524826&adf=844217289&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738552&bpp=1&bdt=636&idt=244&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=17XuNIjq62&p=https%3A//vermelho.org.br&dtd=246

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a2c0758001da905363963623f1c6adc224cdd50024be93190c8a7a8484a11de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Nov 2021 02:35:39 GMT
server: cafe
content-length: 31089
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Nov 2021 02:35:39 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 92FF 130 KB
38 KB 409ms
373ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b54c2afa005715607fa2184fa10ae33fabea35df2041dd91fe74f131709745e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Nov 2021 02:35:39 GMT
server: cafe
content-length: 38458
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Nov 2021 02:35:39 GMT
cache-control: private

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fvermelho.org.br%2F&tn=HEADER&cls=main-header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 38E7 172 KB
44 KB 547ms
530ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&adk=1812271804&adf=3025194257&lmt=1637375738&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fvermelho.org.br%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738572&bpp=1&bdt=656&idt=243&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280&nras=1&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=251

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd7388a2bf86c8c153168826ebe5b48dc39d25f5d466e7aee86dd28bb3278bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Nov 2021 02:35:39 GMT
server: cafe
content-length: 44764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Nov 2021 02:35:39 GMT
cache-control: private

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 70ms
69ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:38 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 398
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6b0e493fc9685bf1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 23 Nov 2021 02:35:38 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 182ms
69ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16466631-1&cid=2119234257.1637375738&jid=258931775&_u=aGBAAUIgAAAAAC~&z=1090877188

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 180ms
67ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16466631-1&cid=2119234257.1637375738&jid=258931775&_u=aGBAAUIgAAAAAC~&z=1090877188

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BA75 41 KB
3 KB 133ms
69ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b6fdf9e0d5abb3051ba04531fb57d00991dce00a24da6b989a3ee47df8f3095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 00:41:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E1A1 41 KB
3 KB 87ms
71ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b6fdf9e0d5abb3051ba04531fb57d00991dce00a24da6b989a3ee47df8f3095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 02:35:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F541 41 KB
3 KB 66ms
66ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b6fdf9e0d5abb3051ba04531fb57d00991dce00a24da6b989a3ee47df8f3095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 02:34:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C7F2 41 KB
3 KB 73ms
73ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b6fdf9e0d5abb3051ba04531fb57d00991dce00a24da6b989a3ee47df8f3095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 00:53:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame BA75 49 KB
20 KB 127ms
127ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5672
date: Sat, 20 Nov 2021 01:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 20 Nov 2021 03:01:07 GMT

GET
H2 200 maax-regular.woff2
d12xoj7p9moygp.cloudfront.net/fonts/maax/ Frame BA75 63 KB
63 KB 442ms
148ms Font
font/woff2 2600:9000:2156:8200:11:d2b:9e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d12xoj7p9moygp.cloudfront.net/fonts/maax/maax-regular.woff2
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:11:d2b:9e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6eb03531048be7cfd4e43d6084f3ec0b30c4e8025831854d1c6a1b811a2d30eb

Request headers

Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
Origin: https://anchor.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:01:05 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 981274
x-cache: Hit from cloudfront
content-length: 64460
last-modified: Tue, 05 Oct 2021 22:12:33 GMT
server: AmazonS3
etag: "c734ea7a77c7a3165daa3c5219a382c0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://anchor.fm
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: p1jYFCPlMGvb3AQuisZ9xYotW6hQV0P5K0C_2g9BkyVNcduLLbVTsg==

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame E1A1 49 KB
20 KB 128ms
128ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5672
date: Sat, 20 Nov 2021 01:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 20 Nov 2021 03:01:07 GMT

GET
H2 200 maax-regular.woff2
d12xoj7p9moygp.cloudfront.net/fonts/maax/ Frame E1A1 63 KB
63 KB 731ms
448ms Font
font/woff2 2600:9000:2156:8200:11:d2b:9e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d12xoj7p9moygp.cloudfront.net/fonts/maax/maax-regular.woff2
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:11:d2b:9e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6eb03531048be7cfd4e43d6084f3ec0b30c4e8025831854d1c6a1b811a2d30eb

Request headers

Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
Origin: https://anchor.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:01:05 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 981274
x-cache: Hit from cloudfront
content-length: 64460
last-modified: Tue, 05 Oct 2021 22:12:33 GMT
server: AmazonS3
etag: "c734ea7a77c7a3165daa3c5219a382c0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://anchor.fm
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 0-1S-OK42p9W-YFDECStXy2s8tJ91auZrTOcR4DFZrNpAcAXqqgUcA==

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9239
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

138ms
138ms

XHR
application/json

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5-u7IYb9rX0

Protocol

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2908155de48032de1144ce3e33623dcdbfc2eefdbeea62c79170d62131d7dc7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 20 Nov 2021 02:35:39 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9239 29 B
588 B 275ms
59ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad2aeb77/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:27:28 GMT
x-content-type-options: nosniff
age: 491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 20 Nov 2021 02:42:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0019 41 KB
3 KB 75ms
74ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b6fdf9e0d5abb3051ba04531fb57d00991dce00a24da6b989a3ee47df8f3095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 01:41:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/ Frame 9239 94 KB
29 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09f17d12e1e53a5770cd7e7202003e4e19ed1241c6333f6daff58975b81ddb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5-u7IYb9rX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29843
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 01:17:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 18 Nov 2022 15:36:10 GMT

GET
H3 200 v7LIgulXpe7rBFWT6E5nxRfcCLqFg9AqI3MHJk7JX7A.js Show response
www.google.com/js/th/ Frame 9239 35 KB
13 KB 129ms
62ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/v7LIgulXpe7rBFWT6E5nxRfcCLqFg9AqI3MHJk7JX7A.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfb2c882e957a5eeeb045593e84e67c517dc08ba8583d02a237307264ec95fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 12:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13447
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 12:43:40 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/ Frame 9239 24 KB
7 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d93cac9e8d3c8802a1926a35ce2117c2765d4784d7937dd81e93a6a5155982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5-u7IYb9rX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7357
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 01:17:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 18 Nov 2022 15:36:32 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame F541 49 KB
20 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5672
date: Sat, 20 Nov 2021 01:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 20 Nov 2021 03:01:07 GMT

GET
H2 200 maax-regular.woff2
d12xoj7p9moygp.cloudfront.net/fonts/maax/ Frame F541 63 KB
63 KB 975ms
840ms Font
font/woff2 2600:9000:2156:8200:11:d2b:9e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d12xoj7p9moygp.cloudfront.net/fonts/maax/maax-regular.woff2
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:11:d2b:9e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6eb03531048be7cfd4e43d6084f3ec0b30c4e8025831854d1c6a1b811a2d30eb

Request headers

Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
Origin: https://anchor.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:01:05 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 981274
x-cache: Hit from cloudfront
content-length: 64460
last-modified: Tue, 05 Oct 2021 22:12:33 GMT
server: AmazonS3
etag: "c734ea7a77c7a3165daa3c5219a382c0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://anchor.fm
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 48_c8m6A8nuNpQrMBI35p776sE-jwYjV-AcN9iYR4TVH9Q0a0pmtcA==

GET
DATA 200
OK truncated
/ Frame 9239 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRuF6G6rElbojk8--jb7M4Zq47paMqhvn1VyDfFMQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9239 3 KB
4 KB 632ms
162ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRuF6G6rElbojk8--jb7M4Zq47paMqhvn1VyDfFMQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5-u7IYb9rX0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5b18e0d2a13d1537a6444804ccd6906071d3c5a29bf387d7a95d99e7525adbcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:39 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3318
x-xss-protection: 0
server: fife
etag: "v34f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 22:50:59 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/5-u7IYb9rX0/ Frame 9239 33 KB
33 KB 276ms
73ms Image
image/webp 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/5-u7IYb9rX0/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5-u7IYb9rX0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3403788fe7af239897e0932f9578e80a769b1e83a1486cca0626c19a24eab4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:39 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33384
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Nov 2021 04:35:39 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C7F2 49 KB
20 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: anchor.fm
URL: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5672
date: Sat, 20 Nov 2021 01:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 20 Nov 2021 03:01:07 GMT

GET
H2 200 maax-regular.woff2
d12xoj7p9moygp.cloudfront.net/fonts/maax/ Frame C7F2 63 KB
63 KB 633ms
569ms Font
font/woff2 2600:9000:2156:8200:11:d2b:9e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d12xoj7p9moygp.cloudfront.net/fonts/maax/maax-regular.woff2
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:11:d2b:9e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6eb03531048be7cfd4e43d6084f3ec0b30c4e8025831854d1c6a1b811a2d30eb

Request headers

Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
Origin: https://anchor.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:01:05 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 981274
x-cache: Hit from cloudfront
content-length: 64460
last-modified: Tue, 05 Oct 2021 22:12:33 GMT
server: AmazonS3
etag: "c734ea7a77c7a3165daa3c5219a382c0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://anchor.fm
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: DzW28KSstMCR2ojU0NtSZXZkOsUgEIIUE9rRW7X_gdvZfW5RwKZppg==

GET
H2 200 maax-medium.woff2
d12xoj7p9moygp.cloudfront.net/fonts/maax/ Frame C7F2 65 KB
65 KB 807ms
744ms Font
font/woff2 2600:9000:2156:8200:11:d2b:9e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d12xoj7p9moygp.cloudfront.net/fonts/maax/maax-medium.woff2
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:11:d2b:9e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19c40d1b27af6942a1bed6a5b3df59834401e1e95252134e87965a64a9fa893c

Request headers

Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
Origin: https://anchor.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:51:20 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1464259
x-cache: Hit from cloudfront
content-length: 66096
last-modified: Thu, 23 Sep 2021 18:32:06 GMT
server: AmazonS3
etag: "08484121bb86b9868a1eadcf1c6db46d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://anchor.fm
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: eA76XkqjuVPLVmwsRSFR_CWzq0p_cVik3xR7dtPDu49boXrmUOcS_g==

GET
H3 200 css
fonts.googleapis.com/ Frame DA7D 4 KB
619 B 69ms
69ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2542960008&adf=20860639&pi=t.ma~as.3154128600&w=668&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=668x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738549&bpp=2&bdt=633&idt=232&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=466&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=olgNaOYkCV&p=https%3A//vermelho.org.br&dtd=235

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 02:07:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame DA7D 1 KB
914 B 1152ms
843ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:52:19 GMT

GET
H2 200 8292451736484061825
tpc.googlesyndication.com/simgad/ Frame 4EEB 24 KB
24 KB 609ms
300ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8292451736484061825?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkiXGQBktu29mQvubBsv9mYoOoIug

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=250&slotname=3154128600&adk=3173649077&adf=2181454578&pi=t.ma~as.3154128600&w=319&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=319x250&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738551&bpp=1&bdt=635&idt=238&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1164&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8T8awcEDfD&p=https%3A//vermelho.org.br&dtd=241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc2d26bc6b4226522a5f97b89a699ead436a0094ab6ee08686058026fb4b7ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 06:02:12 GMT
x-content-type-options: nosniff
age: 246807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24902
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 10:09:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 06:02:12 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 4EEB 19 KB
8 KB 781ms
472ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 02:20:04 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0019 49 KB
20 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5672
date: Sat, 20 Nov 2021 01:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 20 Nov 2021 03:01:07 GMT

GET
H2 200 maax-regular.woff2
d12xoj7p9moygp.cloudfront.net/fonts/maax/ Frame 0019 63 KB
63 KB 708ms
661ms Font
font/woff2 2600:9000:2156:8200:11:d2b:9e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d12xoj7p9moygp.cloudfront.net/fonts/maax/maax-regular.woff2
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:11:d2b:9e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6eb03531048be7cfd4e43d6084f3ec0b30c4e8025831854d1c6a1b811a2d30eb

Request headers

Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
Origin: https://anchor.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:01:05 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 981274
x-cache: Hit from cloudfront
content-length: 64460
last-modified: Tue, 05 Oct 2021 22:12:33 GMT
server: AmazonS3
etag: "c734ea7a77c7a3165daa3c5219a382c0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://anchor.fm
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 7qrZLkmRJRY1TYmQz_m6JHycvstp1Yb307voP1ohnG2VIaMomAjYlg==

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame DA7D 19 KB
8 KB 349ms
64ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 02:20:04 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame DA7D 2 KB
1 KB 1124ms
839ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:53:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA7D 119 KB
37 KB 272ms
79ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame DA7D 15 KB
6 KB 605ms
321ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:59:48 GMT

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame DA7D 27 KB
11 KB 383ms
191ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 11:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 11:25:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4EEB 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch79O-l6YYcGvNZTTgAfm9qSwC66irbhm3sHk4u0O1IS7-5oCEAEgiPatHmCV2oiCmAegAeGUrdMDyAECqQLHX47EZ-2yPqgDAcgDyQSqBOwBT9AzMh-z6pUyG38HRWWZ1iFsIcxzEKn4s1WRfQ8eHRe_trB3AQ45uRbQhbf3lthMY0FYbx1fWnRHlwZtui59828QQMFd06rqvgyd0dln3rYdMfjaUmD-grP5pUil-aagKVmkQWOG0t4830U98OPtvakXqdWu2eG8XPvS_r-T0XBmKVe9I98G2DURWtHqfVYgpj4jCMb6w4-jnuqqqYheFXmj1T76CAzBhQMjOQs41LGCNJoM8CTq_U_f4oE6QKwdn9yOkp0CwEUcIuo12HH_saYyr0N9PyFQ9L-J5aNQF50mnSOSUoV7wzV6rrDABNiHpJblA5IFBAgEGAGSBQQIBRgEoAYCgAechYUuqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ_fED0ggJCIDhgBAQARhfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTQ5NzQ2MDEyMTQ1NjIzMDgYAA&sigh=JSiVwuGt2Uw&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=250&slotname=3154128600&adk=3173649077&adf=2181454578&pi=t.ma~as.3154128600&w=319&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=319x250&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738551&bpp=1&bdt=635&idt=238&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1164&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8T8awcEDfD&p=https%3A//vermelho.org.br&dtd=241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 20 Nov 2021 02:35:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4EEB 2 KB
1 KB 1118ms
840ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:53:06 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 4EEB 67 B
188 B 1118ms
840ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 05:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 75818
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sat, 20 Nov 2021 05:32:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4EEB 119 KB
36 KB 703ms
516ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4EEB 15 KB
6 KB 751ms
473ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:59:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4EEB 27 KB
11 KB 1118ms
841ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11327
x-xss-protection: 0
server: cafe
etag: 10656063359522146397
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 22:01:30 GMT

GET
H2 200 548bdb63b969e5c27f75e62faf543d70.js Show response
www.gstatic.com/mysidia/ Frame 92FF 7 KB
3 KB 863ms
679ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/548bdb63b969e5c27f75e62faf543d70.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 18:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3286
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 03:03:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 15 Feb 2022 18:05:23 GMT

GET
H2 200 57a53ef409095c62d62662153513db7d.js Show response
www.gstatic.com/mysidia/ Frame 92FF 132 KB
48 KB 863ms
679ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57a53ef409095c62d62662153513db7d.js?tag=video_mra/web_raspberry

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be34ec9a0775d1541c4e659182d9ccf42e3a4671de5ec3235aa4ed11e7e0117c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 21:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49541
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 03:03:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 13 Feb 2022 21:32:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 92FF 3 KB
579 B 72ms
72ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 02:08:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 92FF 5 KB
616 B 72ms
72ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c733809a15b6fd666d9c4e02e6fbf1382e73b5fbbba07d4cf8c5f33046c035a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 02:12:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13630874062753521174/ Frame DA7D 8 KB
8 KB 524ms
250ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13630874062753521174/downsize_200k_v1?w=200&h=200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74f4e0d549339be6f6bc9f1d16e8b58b645ae40049cf1487263efea9459316cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:04:00 GMT
x-content-type-options: nosniff
age: 12699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8080
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 13:36:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 23:04:00 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9643409249421243115/ Frame DA7D 18 KB
18 KB 524ms
250ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9643409249421243115/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18257bc82dde053b5e701d1bda372d269ca846168c09999768662f24eab8a9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:04:19 GMT
x-content-type-options: nosniff
age: 340280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18327
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 14:20:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Nov 2022 04:04:19 GMT

GET
DATA 200
OK truncated
/ Frame DA7D 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 0D8C 3 KB
579 B 75ms
75ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2744524826&adf=844217289&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738552&bpp=1&bdt=636&idt=244&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=17XuNIjq62&p=https%3A//vermelho.org.br&dtd=246

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 02:04:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0D8C 1 KB
960 B 1096ms
841ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2744524826&adf=844217289&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738552&bpp=1&bdt=636&idt=244&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=17XuNIjq62&p=https%3A//vermelho.org.br&dtd=246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:52:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DA7D 0
0 154ms
154ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNQ8M-l6YYcWpNdqvgQegyKKgBprU74xm-OKt884OloLNhYgWEAEgiPatHmCV2oiCmAegAdG8l_MDyAEJqQLHX47EZ-2yPqgDAcgDywSqBP4BT9D8l1a5g24zZr9g5LqJXSxE_F2NJBNDupl-uan-bUSSJR3fc-22Ws7XYo8tm-kAbFVFCQ-3qw7N-2bn0iQhfTrSq9Ni2ByE1aqLtgnQYGrvkDn9ITiSSbuF19pLklLor8c6BFaErZ1gr0zBN3v4xvONboH2fKBrvkaqDK9EI7JM2qZLKHJlMuKw_1FDq4sSqyBJpj3B-7JUuLPWE3mGgPhOMSX-GB0SatGQyeDX20HrQOJAH1A04m6l5X2gN9S5T0MBKkG--4TzgiMFs5Uoo4JjcKWpGI_7E6tnGzGLev0Knz1aIQEZ8aYKDan4_sTfUxdHeauWhOTiYsG5Xz_ABOePwfrdA5IFBAgEGAGSBQQIBRgEoAYugAeXw-gMqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQjrcH0ggJCIDhgBAQARhfgAoByAsB2BMNiBQC0BUBgBcBshccChoIABIUcHViLTQ5NzQ2MDEyMTQ1NjIzMDgYAA&sigh=hRkWUq7ykBk&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2542960008&adf=20860639&pi=t.ma~as.3154128600&w=668&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=668x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738549&bpp=2&bdt=633&idt=232&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=466&ady=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=olgNaOYkCV&p=https%3A//vermelho.org.br&dtd=235
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 20 Nov 2021 02:35:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 92FF 1 KB
880 B 63ms
32ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:52:19 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 92FF 19 KB
8 KB 716ms
473ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 02:20:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 92FF 2 KB
1 KB 62ms
32ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 02:31:32 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 92FF 67 B
91 B 63ms
33ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 05:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 75819
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sat, 20 Nov 2021 05:32:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92FF 119 KB
36 KB 79ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 02:35:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5CD7 3 KB
579 B 72ms
72ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2621348647&adf=921432228&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738543&bpp=6&bdt=627&idt=209&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=488001330560&frm=20&pv=2&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tIypaNQ94o&p=https%3A//vermelho.org.br&dtd=229

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 02:03:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 0D8C 19 KB
8 KB 482ms
248ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2744524826&adf=844217289&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738552&bpp=1&bdt=636&idt=244&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=17XuNIjq62&p=https%3A//vermelho.org.br&dtd=246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 02:20:04 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0D8C 2 KB
1 KB 1076ms
843ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2744524826&adf=844217289&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738552&bpp=1&bdt=636&idt=244&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=17XuNIjq62&p=https%3A//vermelho.org.br&dtd=246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:53:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D8C 119 KB
36 KB 811ms
668ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2744524826&adf=844217289&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738552&bpp=1&bdt=636&idt=244&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=17XuNIjq62&p=https%3A//vermelho.org.br&dtd=246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 0D8C 15 KB
6 KB 393ms
159ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2744524826&adf=844217289&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738552&bpp=1&bdt=636&idt=244&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=17XuNIjq62&p=https%3A//vermelho.org.br&dtd=246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:59:48 GMT

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 0D8C 27 KB
11 KB 219ms
78ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2744524826&adf=844217289&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738552&bpp=1&bdt=636&idt=244&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=17XuNIjq62&p=https%3A//vermelho.org.br&dtd=246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 11:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 11:25:57 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 92FF 15 KB
6 KB 62ms
31ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:59:48 GMT

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 92FF 27 KB
11 KB 64ms
33ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 11:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 11:25:57 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 5CD7 1 KB
914 B 1067ms
842ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2621348647&adf=921432228&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738543&bpp=6&bdt=627&idt=209&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=488001330560&frm=20&pv=2&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tIypaNQ94o&p=https%3A//vermelho.org.br&dtd=229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2600
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:52:19 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 5CD7 19 KB
8 KB 696ms
472ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2621348647&adf=921432228&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738543&bpp=6&bdt=627&idt=209&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=488001330560&frm=20&pv=2&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tIypaNQ94o&p=https%3A//vermelho.org.br&dtd=229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 02:20:04 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 5CD7 2 KB
1 KB 1066ms
842ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2621348647&adf=921432228&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738543&bpp=6&bdt=627&idt=209&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=488001330560&frm=20&pv=2&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tIypaNQ94o&p=https%3A//vermelho.org.br&dtd=229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:53:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CD7 119 KB
36 KB 495ms
362ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2621348647&adf=921432228&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738543&bpp=6&bdt=627&idt=209&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=488001330560&frm=20&pv=2&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tIypaNQ94o&p=https%3A//vermelho.org.br&dtd=229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 5CD7 15 KB
6 KB 472ms
249ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2621348647&adf=921432228&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738543&bpp=6&bdt=627&idt=209&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=488001330560&frm=20&pv=2&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tIypaNQ94o&p=https%3A//vermelho.org.br&dtd=229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:59:48 GMT

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 5CD7 27 KB
12 KB 191ms
60ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2621348647&adf=921432228&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738543&bpp=6&bdt=627&idt=209&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=488001330560&frm=20&pv=2&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tIypaNQ94o&p=https%3A//vermelho.org.br&dtd=229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 11:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 11:25:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0D8C 0
0 127ms
127ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CN7jj-l6YYeysNbaJx_AP2NWjqAfrxJSsZufykcrnDv-fpMGKDRABIIj2rR5gldqIgpgHoAG3m86-A8gBCakCx1-OxGftsj6oAwHIA8sEqgTrAU_Qf3zfUh_iTpvIhSSKaP48ZiGe0RnW4ptKR8kcJcvs3PIMX0Wg-eztaKA5hl-L6k_3u0L_oBqlUMqqTSFkWM5Y9dEDAcpcNjDMft7yUB9okSnRJr00fDV0BiUkTsSmfEuoy9-DybhknugPyyPOKyxPqe_AN-hSvXyqvirkDxqBm6fFsJguy1Nhu6XZHKHKknNsTOQf0LVCVRdwzQ3NConS1OM8x2ijQhuSHPc1Y09hojmilA02KkRL4qnULxmGeFlgr6YQM2mH-J6GV2W8FcTjd_lCkswW1riLE4NklGcWYhiBefKWWhUE7fnABJ7Uzu-nA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAex5LFBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ6OoH0ggJCIDhgBAQARhfgAoByAsBuBOIJ9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi00OTc0NjAxMjE0NTYyMzA4GAA&sigh=pBKxLzQpKR8&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2744524826&adf=844217289&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738552&bpp=1&bdt=636&idt=244&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=17XuNIjq62&p=https%3A//vermelho.org.br&dtd=246

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2744524826&adf=844217289&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738552&bpp=1&bdt=636&idt=244&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=17XuNIjq62&p=https%3A//vermelho.org.br&dtd=246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 20 Nov 2021 02:35:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2219318863947482228/ Frame 0D8C 13 KB
13 KB 469ms
249ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2219318863947482228/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2744524826&adf=844217289&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738552&bpp=1&bdt=636&idt=244&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=17XuNIjq62&p=https%3A//vermelho.org.br&dtd=246

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5232d1cec40247149f34ca237b67a39cbe929a5a7595a0b0a61cd24ddfc022a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:04:48 GMT
x-content-type-options: nosniff
age: 210651
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13457
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 11:10:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 16:04:48 GMT

GET
DATA 200
OK truncated
/ Frame 0D8C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcdb8a1d08b3fecea9b8650fd7651a8e161b313b4240eb181dbdeaec96da5f4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9239 4 KB
2 KB 788ms
680ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5CD7 0
0 88ms
87ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJttF-l6YYeSwNdbvgAe3x4OoBevElKxmh_SRyucOn4Sn_vseEAEgiPatHmCV2oiCmAegAbebzr4DyAEJqQLHX47EZ-2yPqgDAcgDywSqBOgBT9DnqDI3YkH-WVcXmzaT5nzN-ykBYqM9GfGUa80qXBQrFyEKYvW2xVzdRoYiRf758g0U34RH_Cf_zKcWfFeiGPplV3Vai3HLM_06aVhIRiUvryhM4l4D-wLdKSxEqLmAhPfuzMaQjCdWJ8UJVkhU82IKSvI490FLqbj_f5LjuvJm8IByUH2MWIRP2bFt-6xcrzoy45rLq80RszoG_L1ptnhYVj8u51_E0r3YzKJAv98D0EeUaN7dSNop960HE-TYz9QBCJTAmEbQnWXd6tdez1wdk2qT7Y0wpmBawdW30qaW3SRUeJzbDcAElu23nqIDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7HksUGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDErRXSCAkIgOGAEBABGF-ACgHICwG4E4gn2BMM0BUBmBYBgBcBshccChoIABIUcHViLTQ5NzQ2MDEyMTQ1NjIzMDgYAA&sigh=8EbwPiI72Wk&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2621348647&adf=921432228&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738543&bpp=6&bdt=627&idt=209&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=488001330560&frm=20&pv=2&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tIypaNQ94o&p=https%3A//vermelho.org.br&dtd=229

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2621348647&adf=921432228&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738543&bpp=6&bdt=627&idt=209&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=488001330560&frm=20&pv=2&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tIypaNQ94o&p=https%3A//vermelho.org.br&dtd=229
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 20 Nov 2021 02:35:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 9239 0
9 B 62ms
61ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?HqN2Vw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/5-u7IYb9rX0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5-u7IYb9rX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2219318863947482228/ Frame 5CD7 13 KB
13 KB 464ms
339ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2219318863947482228/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2621348647&adf=921432228&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738543&bpp=6&bdt=627&idt=209&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=488001330560&frm=20&pv=2&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tIypaNQ94o&p=https%3A//vermelho.org.br&dtd=229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5232d1cec40247149f34ca237b67a39cbe929a5a7595a0b0a61cd24ddfc022a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:04:48 GMT
x-content-type-options: nosniff
age: 210651
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13457
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 11:10:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 16:04:48 GMT

GET
DATA 200
OK truncated
/ Frame 5CD7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcdb8a1d08b3fecea9b8650fd7651a8e161b313b4240eb181dbdeaec96da5f4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 147 KB
52 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2693de993b0846e11d3c19cd0cdeb38781ee4daf8dbbb19dd7c80a66971831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53390
x-xss-protection: 0
server: cafe
etag: 15322786012174084292
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 02:35:39 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 321ms
74ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vermelho.org.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 02:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 359ms
58ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vermelho.org.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 02:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA1D 75 KB
30 KB 713ms
712ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=600&adk=2624991116&adf=1760798979&pi=t.aa~a.1367758279~rp.4&w=299&fwrn=4&fwrnh=100&lmt=1637375739&rafmt=1&to=qs&pwprc=2615320843&psa=0&format=299x600&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375739601&bpp=1&bdt=1684&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0bf376222e1cb1ee-224368e3e3cb00b9%3AT%3D1637375739%3ART%3D1637375739%3AS%3DALNI_MY4r7CdIgfHsol2sLJ1er58iwzBlQ&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280%2C0x0&nras=2&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=127&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=IJPo5dm7Ix&p=https%3A//vermelho.org.br&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b07fc5a9a62a94c9ba73d9d6f159e742c35ea40d7671df2569fc49f77c7a7d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Nov 2021 02:35:40 GMT
server: cafe
content-length: 30635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC7D 80 KB
28 KB 694ms
694ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&adk=1099912328&adf=4268860968&pi=t.aa~a.3690207914~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1637375739&rafmt=1&to=qs&pwprc=2615320843&psa=0&format=1200x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375739601&bpp=1&bdt=1685&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0bf376222e1cb1ee-224368e3e3cb00b9%3AT%3D1637375739%3ART%3D1637375739%3AS%3DALNI_MY4r7CdIgfHsol2sLJ1er58iwzBlQ&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280%2C0x0%2C299x600&nras=3&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=3563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=Q3ii9MQkKc&p=https%3A//vermelho.org.br&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b30670a49c3a4a6f6577d6c5fe383f54e16a49813c1e92ab640b8e4d6c96fb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Nov 2021 02:35:40 GMT
server: cafe
content-length: 28681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK / Show response
sentry.io/api/1333003/envelope/ Frame BA75 2 B
399 B 623ms
137ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1333003/envelope/?sentry_key=0a700392b53f44f5acd5b0879f508c74&sentry_version=7

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://anchor.fm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 20 Nov 2021 02:35:40 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://anchor.fm
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 ProfileEpisodeContainer-141e4bbf792a8814d582.js Show response
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame BA75 311 KB
84 KB 240ms
240ms Script
application/javascript 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/ProfileEpisodeContainer-141e4bbf792a8814d582.js
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6947050b05cdb618d5465eeec33f4d089b76e264219950c099c1d91298387c88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:42 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:11 GMT
server: AmazonS3
age: 12359
etag: W/"fb9ce9a8470eca3f867da5658ea51647"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qF2lKeHUqVL7SsuGD9pTANheWhb0_LXy_GOytpQQe_QKyLTZZe6Nng==

POST
H/1.1 200
OK / Show response
sentry.io/api/1333003/envelope/ Frame E1A1 2 B
399 B 387ms
151ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1333003/envelope/?sentry_key=0a700392b53f44f5acd5b0879f508c74&sentry_version=7

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://anchor.fm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 20 Nov 2021 02:35:40 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://anchor.fm
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
DATA 200
OK truncated
/ Frame DA7D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1052143f6dfde382644e6fe5b99fc28a3b0a72199bd2f8e59fa080048ffe304

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 35ms
33ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vermelho.org.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 02:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
33ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vermelho.org.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 02:35:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/ Frame 352F 11 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 19 Nov 2021 11:15:29 GMT
expires: Fri, 03 Dec 2021 11:15:29 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 55211
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41DC 143 B
163 B 25ms
24ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=250&slotname=3154128600&adk=3173649077&adf=2181454578&pi=t.ma~as.3154128600&w=319&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=319x250&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738551&bpp=1&bdt=635&idt=238&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1164&ady=1936&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8T8awcEDfD&p=https%3A//vermelho.org.br&dtd=241

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 20 Nov 2021 02:02:14 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2006
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0D8C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce2aff1e3d4e97dfa8370e7821bcab06e327155997019277dc741744a7a3f104

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5CD7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8298d1c674a0244a7d26b951fa5359cac2573a86d11dd886210712545f8681ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 92FF 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4EEB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4de9335023ef83ea41ca6835b2fdd1c8e432432543723ba51bd85bd4c55a9cc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ProfileEpisodeContainer-141e4bbf792a8814d582.js Show response
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame E1A1 311 KB
84 KB 25ms
25ms Script
application/javascript 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/ProfileEpisodeContainer-141e4bbf792a8814d582.js
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6947050b05cdb618d5465eeec33f4d089b76e264219950c099c1d91298387c88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:42 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:11 GMT
server: AmazonS3
age: 12359
etag: W/"fb9ce9a8470eca3f867da5658ea51647"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ysD23SSe7F8rFqWQZNfatAkZsNpKRHQ34kDlVP7WleSrJxrKi1o_ZA==

POST
H2 204 csi
csi.gstatic.com/ Frame 92FF 0
327 B 242ms
68ms Ping
image/gif 2a00:1450:4026:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kw778nbe&c=181796758759&slotId=90898379379.5&qqid=CI-nnvrzpfQCFc0y4AodCIsKZQ&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/57a53ef409095c62d62662153513db7d.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4026:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2626660655923911216/ Frame 92FF 188 KB
188 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2626660655923911216/downsize_200k_v1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac05d01e8bde89e497508c7faf2aaa0cc6ea9021c1b056ce0ee990bb47eeb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 07:04:12 GMT
x-content-type-options: nosniff
age: 70288
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192880
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 07:27:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 07:04:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 92FF 0
0 46ms
46ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWzS--l6YYY_CNc3lgAeIlqqoBoaL4sJmq9-09vQO3NkeEAEgiPatHmCV2oiCmAegAee3oJUDyAEJqQLHX47EZ-2yPqgDAcgDywSqBPIBT9D9k0QDJUNBoYuLdxV9n2z24D6VJHHH-QDy0U-mQmWf6npgwMPEbSAUkBrauqTzR0929P392s4F5RMCT0ce8DIAp-NySFG-Bl7rsOKz691OhhXOY2SNfFDnuMLWi9x5zXh4KWYvMDdkQxV4vRTGd-dlN0O2kOuzH1jS4rGNfYZL0hrp4hGZwOS56wyC1KzU5XSPUGjoS2XOnYFwJshmx58wX9KLhOHWwPMXwjSLUhpAhrzvgpXJzvOKThf96V_MAS0SNxFWDlURhNkrIgMrY46o5yp4qdjbzHrKo5THUhuuVDlaj88mJMHq0BX7funZzFXABOGS04PxA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeByN9qqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ9Z4C0ggJCIDhgBAQARhfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTQ5NzQ2MDEyMTQ1NjIzMDgYAA&sigh=Rdc4XJaW-B0&uach_m=[UACH]&template_id=3484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 20 Nov 2021 02:35:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame 9239 52 KB
15 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 17:14:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Sat, 20 Nov 2021 17:14:44 GMT

POST
H/1.1 200
OK / Show response
sentry.io/api/1333003/envelope/ Frame F541 2 B
399 B 173ms
133ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1333003/envelope/?sentry_key=0a700392b53f44f5acd5b0879f508c74&sentry_version=7

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://anchor.fm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 20 Nov 2021 02:35:40 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://anchor.fm
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
sentry.io/api/1333003/envelope/ Frame C7F2 2 B
399 B 145ms
145ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1333003/envelope/?sentry_key=0a700392b53f44f5acd5b0879f508c74&sentry_version=7

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://anchor.fm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 20 Nov 2021 02:35:41 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://anchor.fm
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H/1.1 206
Partial Content videoplayback
rr5---sn-4g5ednde.googlevideo.com/ Frame 92FF 2 MB
2 MB 206ms
36ms Media
video/mp4 2a00:1450:4001:17::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5ednde.googlevideo.com/videoplayback?expire=1637404539&ei=-16YYezcA7GYx_APy8ujuAM&ip=2a01:4f8:a1:1a1:8a::1&id=67f22fc1bddbc350&itag=18&source=youtube&requiressl=yes&mh=O5&mm=31&mn=sn-4g5ednde&ms=au&mv=u&mvi=5&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=25.379&lmt=1626434074161069&mt=1637375502&txp=5530434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgYGGdqyhEFNiB0kVf82kGDj0VYOjbHe1deek5yGS99OMCIQDF7SRO4SsJvvgFGOFPgBRWclPYujD-n0Bvp2M5tRwTGg==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAP2Q4K-jPz4Nb4cKKDmBjOvkYtrLy7UcBUo0552ygOtMAiAiHJ3wlR_uOA-yz4rPzskCxtD18dnybS7XAHyigGAozA==&cpn=o1P8EByeCxismp0m

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:17::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

457f9195f81f8e23d0e1d0ec32c3abc16e4b404474d61b3a2dab017e8d4b9e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 20 Nov 2021 02:35:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Jul 2021 11:14:34 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1602635/1602636
Cache-Control: private, max-age=28498
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1602636
Expires: Sat, 20 Nov 2021 02:35:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FC7D 3 KB
579 B 54ms
54ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&adk=1099912328&adf=4268860968&pi=t.aa~a.3690207914~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1637375739&rafmt=1&to=qs&pwprc=2615320843&psa=0&format=1200x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375739601&bpp=1&bdt=1685&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0bf376222e1cb1ee-224368e3e3cb00b9%3AT%3D1637375739%3ART%3D1637375739%3AS%3DALNI_MY4r7CdIgfHsol2sLJ1er58iwzBlQ&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280%2C0x0%2C299x600&nras=3&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=3563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=Q3ii9MQkKc&p=https%3A//vermelho.org.br&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 02:01:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:41 GMT

GET
H3 200 delayed_impression_vu_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/impression/ Frame FC7D 17 KB
7 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/impression/delayed_impression_vu_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13e044ca703a01a7e376551ac09e8b5763bba33f5f2086e1449ea0db8a2fa3a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9851
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7382
x-xss-protection: 0
server: cafe
etag: 215217009278228325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 23:51:30 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FC7D 1 KB
884 B 23ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:52:19 GMT

GET
H3 200 14756627516325802065
tpc.googlesyndication.com/simgad/ Frame FA1D 104 KB
104 KB 33ms
33ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14756627516325802065?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmQ-veqgQl2cGKvb_gdI8g78eKu7A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=600&adk=2624991116&adf=1760798979&pi=t.aa~a.1367758279~rp.4&w=299&fwrn=4&fwrnh=100&lmt=1637375739&rafmt=1&to=qs&pwprc=2615320843&psa=0&format=299x600&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375739601&bpp=1&bdt=1684&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0bf376222e1cb1ee-224368e3e3cb00b9%3AT%3D1637375739%3ART%3D1637375739%3AS%3DALNI_MY4r7CdIgfHsol2sLJ1er58iwzBlQ&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280%2C0x0&nras=2&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=127&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=IJPo5dm7Ix&p=https%3A//vermelho.org.br&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc655d29454f68e8ff3a1f06f494e56b4b6feac9e7c1531d03c67c93cf97a29e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 05:53:43 GMT
x-content-type-options: nosniff
age: 247318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106868
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 12:11:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 05:53:43 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame FA1D 19 KB
8 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 02:20:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FA1D 2 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 02:31:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA1D 119 KB
36 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 02:35:41 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FA1D 15 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:59:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FA1D 0
0 34ms
33ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOerYtDzTrL1AdeEzVaquiC6yip2b0KLk2Y4W4dAWCfN3IihWGJmTC0hhLue_8gYNg0gaU9GELNpFpyvo--nPTmEJh0w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=600&adk=2624991116&adf=1760798979&pi=t.aa~a.1367758279~rp.4&w=299&fwrn=4&fwrnh=100&lmt=1637375739&rafmt=1&to=qs&pwprc=2615320843&psa=0&format=299x600&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375739601&bpp=1&bdt=1684&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0bf376222e1cb1ee-224368e3e3cb00b9%3AT%3D1637375739%3ART%3D1637375739%3AS%3DALNI_MY4r7CdIgfHsol2sLJ1er58iwzBlQ&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280%2C0x0&nras=2&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=127&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=IJPo5dm7Ix&p=https%3A//vermelho.org.br&dtd=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FA1D 27 KB
11 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 22:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11327
x-xss-protection: 0
server: cafe
etag: 10656063359522146397
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Dec 2021 22:01:30 GMT

GET
H2 200 ProfileEpisodeContainer-141e4bbf792a8814d582.js Show response
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame F541 311 KB
84 KB 48ms
48ms Script
application/javascript 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/ProfileEpisodeContainer-141e4bbf792a8814d582.js
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6947050b05cdb618d5465eeec33f4d089b76e264219950c099c1d91298387c88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:42 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:11 GMT
server: AmazonS3
age: 12360
etag: W/"fb9ce9a8470eca3f867da5658ea51647"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4VBnDAXntj3eotsxHgjfwCPk6FD9O-TzKHXGWjcSVMJegzGtzGWAzQ==

GET
H2 200 ProfileEpisodeContainer-03520174890d3cd702a1.js Show response
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame C7F2 309 KB
84 KB 40ms
40ms Script
application/javascript 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/ProfileEpisodeContainer-03520174890d3cd702a1.js
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 975f67b4363e7358e8e4a4c2ec8e15863bb1dec7da9a0240a6b5d3dc0930e69b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 02:23:59 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 21:42:40 GMT
server: AmazonS3
age: 87103
etag: W/"f5dfecada194789b7fb2779cb4e61a35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: F7-oZby2vDHgaR5QJl0Y_vxUDiWTUTucA6kbVxV1lym8JAnJBUhXRg==

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9239 28 B
54 B 43ms
43ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad2aeb77/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5-u7IYb9rX0
X-YouTube-Client-Version: 1.20211117.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt2UWJSX3Q4ZlQ4USj6veGMBg%3D%3D
X-YouTube-Ad-Signals: dt=1637375738894&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C757%2C437&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 20 Nov 2021 02:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 20 Nov 2021 02:35:41 GMT

GET
H2 200 en41c3 Show response
anchor.fm/api/v3/episodes/ Frame BA75 22 KB
4 KB 108ms
108ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/v3/episodes/en41c3

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

7808c6d7660fb4c222c785e3e0a225bc1324a30f3c96549a84b62394fd94a08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:41 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"58b9-svyeBWpAkUWYZdLb2L/hnLffRZc"
age: 78555
x-powered-by: Express
x-served-by: cache-dca17732-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: HIT, MISS
content-type: application/json; charset=utf-8
cache-control: public, s-maxage=86400, max-age=300
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 4046
x-cache-hits: 1, 0

GET
H2 200 status Show response
anchor.fm/api/ Frame BA75 56 B
204 B 25ms
25ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/status

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

8e6ca9daa8b949e044fd864b5f526d2aa898ffd1ea1a19b6705b427a14f3bfab

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:41 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637375742.895396,VS0,VE0
x-served-by: cache-fra19161-FRA
strict-transport-security: max-age=86400
x-isc: 605
content-type: application/json
x-cache: HIT
accept-ranges: bytes
content-length: 56
retry-after: 0
x-cache-hits: 0

GET
H2 200 region Show response
anchor.fm/api/compliance/ Frame BA75 36 B
164 B 114ms
114ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/compliance/region

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

b569d48c771b5d86c1830cf3c81133d19149453e742097cbd4da5fbf0059be68

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:41 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"24-jRg18MMBirBi6d7AoRdskjQpvB4"
x-powered-by: Express
x-served-by: cache-dca17772-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: application/json; charset=utf-8
cache-control: private, max-age=86400
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 36
x-cache-hits: 0, 0

GET
H2 200 region Show response
anchor.fm/api/compliance/ Frame BA75 36 B
102 B 117ms
117ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/compliance/region

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

b569d48c771b5d86c1830cf3c81133d19149453e742097cbd4da5fbf0059be68

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:41 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"24-jRg18MMBirBi6d7AoRdskjQpvB4"
x-powered-by: Express
x-served-by: cache-dca12925-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: application/json; charset=utf-8
cache-control: private, max-age=86400
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 36
x-cache-hits: 0, 0

GET
H2 200 currentuser Show response
anchor.fm/api/ Frame BA75 2 B
64 B 23ms
23ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/currentuser

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:41 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19161-FRA
strict-transport-security: max-age=86400
x-isc: 607
content-type: application/json; charset=utf-8
x-cache: HIT
accept-ranges: bytes
content-length: 2
retry-after: 0
x-cache-hits: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame FC7D 19 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 02:20:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FC7D 2 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 02:31:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC7D 119 KB
36 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 02:35:41 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame FC7D 15 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:59:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FC7D 0
0 35ms
34ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTc6SCBAuwGtd4839PjgGcb7th6H8MK8MpZobRJH6Sx5nXwQS0G4yyzCM9ISPC0nTt4R3nZLEwIrAMJgDjinWB8y55LYg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&adk=1099912328&adf=4268860968&pi=t.aa~a.3690207914~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1637375739&rafmt=1&to=qs&pwprc=2615320843&psa=0&format=1200x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375739601&bpp=1&bdt=1685&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0bf376222e1cb1ee-224368e3e3cb00b9%3AT%3D1637375739%3ART%3D1637375739%3AS%3DALNI_MY4r7CdIgfHsol2sLJ1er58iwzBlQ&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280%2C0x0%2C299x600&nras=3&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=3563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=Q3ii9MQkKc&p=https%3A//vermelho.org.br&dtd=19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame FC7D 27 KB
11 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 11:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 11:25:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FA1D 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0O6--16YYa6tJ9XJgAfUhIGgB-qYvstmi63amfUOsJAfEAEgiPatHmCV2oiCmAegAfGD_ZUDyAECqAMByAPJBKoE7QFP0KF6Vf78vPkt9vKR_tQe4KRZX1CKjc4S8VyaUZEMGn3PY_QBVmN959MT-mS7lXdVQWQ4nx4yO6V-1YnsCn7ysbT3DHx6vN-y7MstwJRA0SXf85MzsLun12jRhkz18J7UA3j3mn5sMLKrGqAp4ZaGb_SJ3KEehLwfgvQL5wC_rUwfFh6NoYrK5vKAFJl8GVLC4vrAEO7KVg_ULxjcobv1WX8rAH13YZQcQgM13IvRWEYsH6vA9_iVPxk-gm9Eb8tD3Vv9ISXDfxR9KKEzTS0M7bQFlO_8bq2WPKjpOSOdam7DqCQI-9CpWWUOTMfABPHX-Iq4A5IFBAgEGAGSBQQIBRgEoAYCgAez37-BAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKrVFdIICQiA4YAQEAEYX4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi00OTc0NjAxMjE0NTYyMzA4GAA&sigh=O9F8pDiM3Ic&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=600&adk=2624991116&adf=1760798979&pi=t.aa~a.1367758279~rp.4&w=299&fwrn=4&fwrnh=100&lmt=1637375739&rafmt=1&to=qs&pwprc=2615320843&psa=0&format=299x600&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375739601&bpp=1&bdt=1684&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0bf376222e1cb1ee-224368e3e3cb00b9%3AT%3D1637375739%3ART%3D1637375739%3AS%3DALNI_MY4r7CdIgfHsol2sLJ1er58iwzBlQ&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280%2C0x0&nras=2&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=127&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=IJPo5dm7Ix&p=https%3A//vermelho.org.br&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 20 Nov 2021 02:35:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H/1.1 200
OK / Show response
sentry.io/api/1333003/envelope/ Frame 0019 2 B
399 B 154ms
154ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1333003/envelope/?sentry_key=0a700392b53f44f5acd5b0879f508c74&sentry_version=7

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://anchor.fm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 20 Nov 2021 02:35:42 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://anchor.fm
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H3 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame 92FF 2 KB
2 KB 18ms
18ms Image
image/png 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 05:51:39 GMT
x-content-type-options: nosniff
server: cafe
age: 74643
etag: 9923804599063086578
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2033
x-xss-protection: 0
expires: Sat, 20 Nov 2021 05:51:39 GMT

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 5CD7 21 KB
21 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 16:54:46 GMT
x-content-type-options: nosniff
age: 294056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 16:54:46 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 5CD7 21 KB
21 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 375256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 18:21:26 GMT

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0D8C 21 KB
21 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 16:54:46 GMT
x-content-type-options: nosniff
age: 294056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 16:54:46 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0D8C 21 KB
21 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 375256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 18:21:26 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame DA7D 15 KB
15 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 203963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 17:56:19 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 352F 4 KB
634 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 02:01:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:42 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 352F 205 B
229 B 37ms
37ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:18:30 GMT
x-content-type-options: nosniff
age: 256632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 17 Nov 2022 03:18:30 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 352F 604 B
628 B 38ms
37ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 14:21:19 GMT
x-content-type-options: nosniff
age: 303263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 16 Nov 2022 14:21:19 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 352F 18 KB
8 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db8deb30d5cecf873a6361b5410aed53a439e46072dcd6af4dc2481e44ea2a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 00:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8141
x-xss-protection: 0
server: cafe
etag: 15959965552278146708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 00:22:01 GMT

GET
DATA 200
OK truncated
/ Frame 92FF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8887963fdc2417f93a17d3ccab9ab1af41772b05f1f152b265250abbc2ab4f50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 eooftm Show response
anchor.fm/api/v3/episodes/ Frame E1A1 22 KB
4 KB 151ms
151ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/v3/episodes/eooftm

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

8d3207c0463f93ea7fab2b927adf160d1d83eebf0d2c54f9f5b3b1a7beb859ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"5892-ebmzTgzG4/0smmjq5AGoWIXuWhc"
age: 49818
x-powered-by: Express
x-served-by: cache-dca17777-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: HIT, MISS
content-type: application/json; charset=utf-8
cache-control: public, s-maxage=86400, max-age=300
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 4048
x-cache-hits: 1, 0

GET
H2 200 status Show response
anchor.fm/api/ Frame E1A1 56 B
137 B 35ms
34ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/status

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

8e6ca9daa8b949e044fd864b5f526d2aa898ffd1ea1a19b6705b427a14f3bfab

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637375742.173637,VS0,VE0
x-served-by: cache-fra19161-FRA
strict-transport-security: max-age=86400
x-isc: 605
content-type: application/json
x-cache: HIT
accept-ranges: bytes
content-length: 56
retry-after: 0
x-cache-hits: 0

GET
H2 200 region Show response
anchor.fm/api/compliance/ Frame E1A1 36 B
100 B 114ms
114ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/compliance/region

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

b569d48c771b5d86c1830cf3c81133d19149453e742097cbd4da5fbf0059be68

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"24-jRg18MMBirBi6d7AoRdskjQpvB4"
x-powered-by: Express
x-served-by: cache-dca12920-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: application/json; charset=utf-8
cache-control: private, max-age=86400
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 36
x-cache-hits: 0, 0

GET
H2 200 region Show response
anchor.fm/api/compliance/ Frame E1A1 36 B
102 B 112ms
112ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/compliance/region

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

b569d48c771b5d86c1830cf3c81133d19149453e742097cbd4da5fbf0059be68

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"24-jRg18MMBirBi6d7AoRdskjQpvB4"
x-powered-by: Express
x-served-by: cache-dca17776-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: application/json; charset=utf-8
cache-control: private, max-age=86400
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 36
x-cache-hits: 0, 0

GET
H2 200 currentuser Show response
anchor.fm/api/ Frame E1A1 2 B
36 B 35ms
35ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/currentuser

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19161-FRA
strict-transport-security: max-age=86400
x-isc: 607
content-type: application/json; charset=utf-8
x-cache: HIT
accept-ranges: bytes
content-length: 2
retry-after: 0
x-cache-hits: 0

GET
H2 200 ProfileEpisodeContainer-141e4bbf792a8814d582.js Show response
d1rx8vrt2hn1hc.cloudfront.net/builds/ Frame 0019 311 KB
84 KB 22ms
22ms Script
application/javascript 2600:9000:2156:7e00:1e:f77c:1000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/ProfileEpisodeContainer-141e4bbf792a8814d582.js
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:1e:f77c:1000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6947050b05cdb618d5465eeec33f4d089b76e264219950c099c1d91298387c88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:09:42 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 20:54:11 GMT
server: AmazonS3
age: 12361
etag: W/"fb9ce9a8470eca3f867da5658ea51647"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: fDAfSo9lRkCbGkbMfqpyekjuSW6T4chXMmaGe_WO82vFqgptdywjPg==

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A99B 143 B
163 B 25ms
24ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=600&adk=2624991116&adf=1760798979&pi=t.aa~a.1367758279~rp.4&w=299&fwrn=4&fwrnh=100&lmt=1637375739&rafmt=1&to=qs&pwprc=2615320843&psa=0&format=299x600&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375739601&bpp=1&bdt=1684&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0bf376222e1cb1ee-224368e3e3cb00b9%3AT%3D1637375739%3ART%3D1637375739%3AS%3DALNI_MY4r7CdIgfHsol2sLJ1er58iwzBlQ&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280%2C0x0&nras=2&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=127&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=IJPo5dm7Ix&p=https%3A//vermelho.org.br&dtd=14

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 20 Nov 2021 02:02:14 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 65FD 1 KB
749 B 30ms
29ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 19 Nov 2021 13:26:12 GMT
expires: Sat, 20 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 47370
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6650 35 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2744524826&adf=844217289&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738552&bpp=1&bdt=636&idt=244&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=4144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=17XuNIjq62&p=https%3A//vermelho.org.br&dtd=246

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 14:28:29 GMT

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8383 35 KB
13 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 14:28:29 GMT

GET
DATA 200
OK truncated
/ Frame FA1D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd6541a44bb5d9b6ad44cdf197897751fabfbf26f79b6ee0ddb73c9d0dddd16b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 790E 1 KB
749 B 24ms
23ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 19 Nov 2021 13:26:12 GMT
expires: Sat, 20 Nov 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 47370
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 em5fe4 Show response
anchor.fm/api/v3/episodes/ Frame F541 22 KB
4 KB 154ms
154ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/v3/episodes/em5fe4

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

f09867804dd046ea0a3d57c4469b1ded3621635d4e329f9a551c5262f80bb4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"591a-mgJ6VofYeQWrKV6WoTStJd/JzCc"
age: 3762
x-powered-by: Express
x-served-by: cache-dca17727-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: HIT, MISS
content-type: application/json; charset=utf-8
cache-control: public, s-maxage=86400, max-age=300
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 4041
x-cache-hits: 1, 0

GET
H2 200 status Show response
anchor.fm/api/ Frame F541 56 B
172 B 21ms
20ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/status

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

8e6ca9daa8b949e044fd864b5f526d2aa898ffd1ea1a19b6705b427a14f3bfab

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637375742.387756,VS0,VE0
x-served-by: cache-fra19161-FRA
strict-transport-security: max-age=86400
x-isc: 605
content-type: application/json
x-cache: HIT
accept-ranges: bytes
content-length: 56
retry-after: 0
x-cache-hits: 0

GET
H2 200 region Show response
anchor.fm/api/compliance/ Frame F541 36 B
102 B 209ms
209ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/compliance/region

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

b569d48c771b5d86c1830cf3c81133d19149453e742097cbd4da5fbf0059be68

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"24-jRg18MMBirBi6d7AoRdskjQpvB4"
x-powered-by: Express
x-served-by: cache-dca17763-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: application/json; charset=utf-8
cache-control: private, max-age=86400
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 36
x-cache-hits: 0, 0

GET
H2 200 region Show response
anchor.fm/api/compliance/ Frame F541 36 B
107 B 631ms
631ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/compliance/region

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

b569d48c771b5d86c1830cf3c81133d19149453e742097cbd4da5fbf0059be68

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"24-jRg18MMBirBi6d7AoRdskjQpvB4"
x-powered-by: Express
x-served-by: cache-dca17773-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: application/json; charset=utf-8
cache-control: private, max-age=86400
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 36
x-cache-hits: 0, 0

GET
H2 200 currentuser Show response
anchor.fm/api/ Frame F541 2 B
64 B 21ms
21ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/currentuser

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19161-FRA
strict-transport-security: max-age=86400
x-isc: 607
content-type: application/json; charset=utf-8
x-cache: HIT
accept-ranges: bytes
content-length: 2
retry-after: 0
x-cache-hits: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2219318863947482228/ Frame FC7D 13 KB
13 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2219318863947482228/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5232d1cec40247149f34ca237b67a39cbe929a5a7595a0b0a61cd24ddfc022a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:04:48 GMT
x-content-type-options: nosniff
age: 210654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13457
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 11:10:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 16:04:48 GMT

GET
DATA 200
OK truncated
/ Frame FC7D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57779365e1b719071be3541c3f49d802d2cfa366f97e26efa34f2da8d88919ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F92 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=2621348647&adf=921432228&pi=t.ma~as.3154128600&w=879&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=879x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738543&bpp=6&bdt=627&idt=209&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&correlator=488001330560&frm=20&pv=2&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=360&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tIypaNQ94o&p=https%3A//vermelho.org.br&dtd=229

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 14:28:29 GMT

POST
H2 200 ip
anchor.fm/api/v3/referral/ Frame C7F2 0
0 21ms
21ms Fetch 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/v3/referral/ip

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19161-FRA
strict-transport-security: max-age=86400
x-isc: 602
x-cache: HIT
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 2460605-1620400161716-c2a5453222551.jpg
d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_episode400/2460605/ Frame C7F2 60 KB
60 KB 79ms
78ms Image
image/jpg 2600:9000:2156:5c00:7:c135:4380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_episode400/2460605/2460605-1620400161716-c2a5453222551.jpg
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:7:c135:4380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02d30094919da411d90ad158ee1ee772f824e9fd113dd7e9b13590e797af6099

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 05:38:43 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Fri, 07 May 2021 15:09:23 GMT
server: AmazonS3
age: 75420
etag: "106594a6677ad1b894d5c3f00ec5e6b9"
x-cache: Hit from cloudfront
content-type: image/jpg
x-amz-meta-content-type: image/jpg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 61134
x-amz-cf-id: 5OinGs2ablhrqi7C7PgEvN-iWwr4QLuXOpffTlll4Ods_oCUeIiE_w==

GET
H2 200 webStationId:f432c54 Show response
anchor.fm/api/proxy/v3/userSocialUrl/station/ Frame C7F2 21 B
340 B 113ms
112ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/proxy/v3/userSocialUrl/station/webStationId:f432c54

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

e66c0ea37528ee3951dcacac5aa0aba4ef4b0b6bf9e30eedb18dd264be48feb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"15-jViwamBBXI4cMOshLi61F/wGRjc"
x-newrelic-app-data: PxQFUlZXAQoBR1VQBgcHUlIAAhFORDQHUjZKA1ZLVVFHDFYPHiRLEhZTRBIMEBd0dTBOTUECGBMXVERgDQUKA1w3Sg4XS0BTRwxWDx5bQBYFQl4OCCpcERxUTVIZAQdfXAQEB1JXT0ACUxpOGgFQBgUBCAQEAwVTUQ5WWVVBFFVRCBIHag==
age: 72345
x-powered-by: Express
x-served-by: cache-dca17749-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: HIT, MISS
content-type: application/json; charset=utf-8
cache-control: public, s-maxage=86400, max-age=0
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 21
x-cache-hits: 1, 0

GET
H2 200 e10eemb Show response
anchor.fm/api/v3/episodes/ Frame C7F2 134 KB
20 KB 268ms
268ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/v3/episodes/e10eemb

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

38ca27dd58e0030fb7b370186af0d4d198d82207d9bddf298af57e0a54085406

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"21619-S/fubeio+DWhMdiG7mVxKXurF6U"
age: 0
x-powered-by: Express
x-served-by: cache-dca17761-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: application/json; charset=utf-8
cache-control: public, s-maxage=86400, max-age=300
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 20149
x-cache-hits: 0, 0

GET
H2 200 status Show response
anchor.fm/api/ Frame C7F2 56 B
114 B 31ms
31ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/status

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

8e6ca9daa8b949e044fd864b5f526d2aa898ffd1ea1a19b6705b427a14f3bfab

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637375742.470825,VS0,VE0
x-served-by: cache-fra19161-FRA
strict-transport-security: max-age=86400
x-isc: 605
content-type: application/json
x-cache: HIT
accept-ranges: bytes
content-length: 56
retry-after: 0
x-cache-hits: 0

GET
H2 200 region Show response
anchor.fm/api/compliance/ Frame C7F2 36 B
163 B 117ms
117ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/compliance/region

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

b569d48c771b5d86c1830cf3c81133d19149453e742097cbd4da5fbf0059be68

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"24-jRg18MMBirBi6d7AoRdskjQpvB4"
x-powered-by: Express
x-served-by: cache-dca12922-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: application/json; charset=utf-8
cache-control: private, max-age=86400
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 36
x-cache-hits: 0, 0

GET
H2 200 region Show response
anchor.fm/api/compliance/ Frame C7F2 36 B
101 B 120ms
119ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/compliance/region

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

b569d48c771b5d86c1830cf3c81133d19149453e742097cbd4da5fbf0059be68

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"24-jRg18MMBirBi6d7AoRdskjQpvB4"
x-powered-by: Express
x-served-by: cache-dca17782-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: application/json; charset=utf-8
cache-control: private, max-age=86400
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 36
x-cache-hits: 0, 0

GET
H2 200 currentuser Show response
anchor.fm/api/ Frame C7F2 2 B
41 B 30ms
30ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/currentuser

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-03520174890d3cd702a1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19161-FRA
strict-transport-security: max-age=86400
x-isc: 607
content-type: application/json; charset=utf-8
x-cache: HIT
accept-ranges: bytes
content-length: 2
retry-after: 0
x-cache-hits: 0

GET
H2 200 webStationId:f5c0030 Show response
anchor.fm/api/proxy/v3/userSocialUrl/station/ Frame BA75 112 B
370 B 120ms
119ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/proxy/v3/userSocialUrl/station/webStationId:f5c0030

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

45a87e74cbddfcce22637b749168e0470392754c8a14b4807b706e8334658b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"70-KDGKGqOMXUQDg7xKCdAZld5hFS0"
x-newrelic-app-data: PxQFUlZXAQoBR1VQBgcHUlIAAhFORDQHUjZKA1ZLVVFHDFYPHiRLEhZTRBIMEBd0dTBOTUECGBMXVERgDQUKA1w3Sg4XS0BTRwxWDx5bQBYFQl4OCCpcERxUTVIZAQZWUAcDAVdUT0ABUwpAFBoCAlIDXQQDWANVVVcEUQcHGh9WBQ0RUmw=
age: 73376
x-powered-by: Express
x-served-by: cache-dca17725-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: HIT, MISS
content-type: application/json; charset=utf-8
cache-control: public, s-maxage=86400, max-age=0
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 112
x-cache-hits: 1, 0

GET
H2 200 2476876-1606654656405-b7e7d56340077.jpg
d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_episode400/2476876/ Frame BA75 76 KB
76 KB 104ms
103ms Image
image/jpg 2600:9000:2156:5c00:7:c135:4380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_episode400/2476876/2476876-1606654656405-b7e7d56340077.jpg
Requested by: Host: vermelho.org.br
URL: https://vermelho.org.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:7:c135:4380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7218117dfd3d31f2e69daadbeb274349fbfccc4780466e3231a6def94034de0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 05:39:00 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Sun, 29 Nov 2020 12:57:37 GMT
server: AmazonS3
age: 75403
etag: "89766386c62cf3f5e6e00f290f1bfda7"
x-cache: Hit from cloudfront
content-type: image/jpg
x-amz-meta-content-type: image/jpg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 77646
x-amz-cf-id: f4599XA-3g5wyiu37qa7H5TSW3K_2n4dngngKOMVQB1kyX5gss5Aag==

GET
H2 200 maax-medium.woff2
d12xoj7p9moygp.cloudfront.net/fonts/maax/ Frame BA75 65 KB
65 KB 24ms
24ms Font
font/woff2 2600:9000:2156:8200:11:d2b:9e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d12xoj7p9moygp.cloudfront.net/fonts/maax/maax-medium.woff2
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:11:d2b:9e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19c40d1b27af6942a1bed6a5b3df59834401e1e95252134e87965a64a9fa893c

Request headers

Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
Origin: https://anchor.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:51:20 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1464262
x-cache: Hit from cloudfront
content-length: 66096
last-modified: Thu, 23 Sep 2021 18:32:06 GMT
server: AmazonS3
etag: "08484121bb86b9868a1eadcf1c6db46d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://anchor.fm
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: w8MBFEo-Gp3Cflbp8a90Z7MJaLxO4noD1ACAvOhxIJb_NovRQzqYnw==

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 41DC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

50ms
49ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Nov 2021 02:35:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Nov 2021 02:35:42 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Nov 2021 02:35:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame CC44 35 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 14:28:29 GMT

GET
DATA 200
OK truncated
/ Frame FC7D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c397fd8b08a1ab365ebf2e72a8d1a87faae6c217b22e257a46b20a58c868b04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 92FF 21 KB
21 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 16:54:46 GMT
x-content-type-options: nosniff
age: 294056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 16:54:46 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 92FF 21 KB
21 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 375256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 18:21:26 GMT

GET
H2 200 webStationId:f5c0030 Show response
anchor.fm/api/proxy/v3/userSocialUrl/station/ Frame E1A1 112 B
165 B 28ms
27ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/proxy/v3/userSocialUrl/station/webStationId:f5c0030

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

45a87e74cbddfcce22637b749168e0470392754c8a14b4807b706e8334658b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"70-KDGKGqOMXUQDg7xKCdAZld5hFS0"
x-newrelic-app-data: PxQFUlZXAQoBR1VQBgcHUlIAAhFORDQHUjZKA1ZLVVFHDFYPHiRLEhZTRBIMEBd0dTBOTUECGBMXVERgDQUKA1w3Sg4XS0BTRwxWDx5bQBYFQl4OCCpcERxUTVIZAQZWUAcDAVdUT0ABUwpAFBoCAlIDXQQDWANVVVcEUQcHGh9WBQ0RUmw=
age: 73376
x-powered-by: Express
x-served-by: cache-dca17725-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: application/json; charset=utf-8
cache-control: public, s-maxage=86400, max-age=0
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 112
x-cache-hits: 1, 1

GET
H2 200 2476876-1610217122591-7082c08bc4362.jpg
d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_episode400/2476876/ Frame E1A1 77 KB
78 KB 94ms
94ms Image
image/jpg 2600:9000:2156:5c00:7:c135:4380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_episode400/2476876/2476876-1610217122591-7082c08bc4362.jpg
Requested by: Host: vermelho.org.br
URL: https://vermelho.org.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:7:c135:4380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3313f817ed0ff25955f86f43383d73cc4636c693c9ca16856a7a7f21043fbbd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 20:46:11 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Sat, 09 Jan 2021 18:32:04 GMT
server: AmazonS3
age: 20971
etag: "88ce9c6adffe98448ca735b0061d1381"
x-cache: Hit from cloudfront
content-type: image/jpg
x-amz-meta-content-type: image/jpg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 79009
x-amz-cf-id: Kj68-qU_ybpxwI7znw2GPOJiZcQK9CVIf-hRZNGzqWjLNwKTkjjiWQ==

GET
H3 200 css
fonts.googleapis.com/ Frame 1376 3 KB
579 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Nov 2021 02:07:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 20 Nov 2021 02:35:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Nov 2021 02:35:42 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1376 1 KB
884 B 11ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:52:19 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 1376 19 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 02:20:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1376 2 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 02:31:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1376 119 KB
36 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 20 Nov 2021 02:35:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 1376 15 KB
6 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 01:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Dec 2021 01:59:48 GMT

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 1376 27 KB
11 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 11:25:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Feb 2022 11:25:57 GMT

GET
H2 200 emqa5v Show response
anchor.fm/api/v3/episodes/ Frame 0019 22 KB
4 KB 101ms
100ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/v3/episodes/emqa5v

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

796754b78e39bedf56d7925e8441787bf9d9723a5069deea230b223acd4c2313

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"58c3-FWbFcAV9Y1tbOTKGe6FKBByHq+U"
age: 21267
x-powered-by: Express
x-served-by: cache-dca17735-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: HIT, MISS
content-type: application/json; charset=utf-8
cache-control: public, s-maxage=86400, max-age=300
strict-transport-security: max-age=86400
accept-ranges: bytes
content-encoding: gzip
content-length: 4031
x-cache-hits: 1, 0

GET
H2 200 status Show response
anchor.fm/api/ Frame 0019 56 B
185 B 18ms
18ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/status

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

8e6ca9daa8b949e044fd864b5f526d2aa898ffd1ea1a19b6705b427a14f3bfab

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637375743.673600,VS0,VE0
x-served-by: cache-fra19161-FRA
strict-transport-security: max-age=86400
x-isc: 605
content-type: application/json
x-cache: HIT
accept-ranges: bytes
content-length: 56
retry-after: 0
x-cache-hits: 0

GET
H2 200 region Show response
anchor.fm/api/compliance/ Frame 0019 36 B
164 B 98ms
98ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/compliance/region

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

b569d48c771b5d86c1830cf3c81133d19149453e742097cbd4da5fbf0059be68

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"24-jRg18MMBirBi6d7AoRdskjQpvB4"
x-powered-by: Express
x-served-by: cache-dca17772-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: application/json; charset=utf-8
cache-control: private, max-age=86400
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 36
x-cache-hits: 0, 0

GET
H2 200 region Show response
anchor.fm/api/compliance/ Frame 0019 36 B
102 B 106ms
106ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/compliance/region

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

b569d48c771b5d86c1830cf3c81133d19149453e742097cbd4da5fbf0059be68

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"24-jRg18MMBirBi6d7AoRdskjQpvB4"
x-powered-by: Express
x-served-by: cache-dca12926-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: application/json; charset=utf-8
cache-control: private, max-age=86400
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 36
x-cache-hits: 0, 0

GET
H2 200 currentuser Show response
anchor.fm/api/ Frame 0019 2 B
64 B 17ms
17ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/currentuser

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19161-FRA
strict-transport-security: max-age=86400
x-isc: 607
content-type: application/json; charset=utf-8
x-cache: HIT
accept-ranges: bytes
content-length: 2
retry-after: 0
x-cache-hits: 0

GET
H2 200 maax-medium.woff2
d12xoj7p9moygp.cloudfront.net/fonts/maax/ Frame E1A1 65 KB
65 KB 10ms
10ms Font
font/woff2 2600:9000:2156:8200:11:d2b:9e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d12xoj7p9moygp.cloudfront.net/fonts/maax/maax-medium.woff2
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:11:d2b:9e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19c40d1b27af6942a1bed6a5b3df59834401e1e95252134e87965a64a9fa893c

Request headers

Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
Origin: https://anchor.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:51:20 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1464262
x-cache: Hit from cloudfront
content-length: 66096
last-modified: Thu, 23 Sep 2021 18:32:06 GMT
server: AmazonS3
etag: "08484121bb86b9868a1eadcf1c6db46d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://anchor.fm
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: LBnmk6Qzb8vYMiqQK4uhSAcMAhmxjhYSBnuted0dHH8BS0uZOkH7-w==

GET
H2 200 webStationId:f5c0030 Show response
anchor.fm/api/proxy/v3/userSocialUrl/station/ Frame F541 112 B
423 B 7ms
7ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/proxy/v3/userSocialUrl/station/webStationId:f5c0030

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

45a87e74cbddfcce22637b749168e0470392754c8a14b4807b706e8334658b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:42 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"70-KDGKGqOMXUQDg7xKCdAZld5hFS0"
x-newrelic-app-data: PxQFUlZXAQoBR1VQBgcHUlIAAhFORDQHUjZKA1ZLVVFHDFYPHiRLEhZTRBIMEBd0dTBOTUECGBMXVERgDQUKA1w3Sg4XS0BTRwxWDx5bQBYFQl4OCCpcERxUTVIZAQZWUAcDAVdUT0ABUwpAFBoCAlIDXQQDWANVVVcEUQcHGh9WBQ0RUmw=
age: 73376
x-powered-by: Express
x-served-by: cache-dca17725-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: application/json; charset=utf-8
cache-control: public, s-maxage=86400, max-age=0
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 112
x-cache-hits: 1, 2

GET
H2 200 2476876-1604767873603-07dd1c50209b5.jpg
d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_episode400/2476876/ Frame F541 76 KB
76 KB 19ms
19ms Image
image/jpg 2600:9000:2156:5c00:7:c135:4380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_episode400/2476876/2476876-1604767873603-07dd1c50209b5.jpg
Requested by: Host: vermelho.org.br
URL: https://vermelho.org.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:7:c135:4380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7218117dfd3d31f2e69daadbeb274349fbfccc4780466e3231a6def94034de0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 05:39:01 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Sat, 07 Nov 2020 16:51:15 GMT
server: AmazonS3
age: 75402
etag: "89766386c62cf3f5e6e00f290f1bfda7"
x-cache: Hit from cloudfront
content-type: image/jpg
x-amz-meta-content-type: image/jpg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 77646
x-amz-cf-id: tLb-IdjKYO8eHhlvek_ZCJr7s_KKKbQNvp1cuhoKqJq1jjNHv1mR0w==

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 010F 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&slotname=3154128600&adk=934655882&adf=226584853&pi=t.ma~as.3154128600&w=436&fwrn=4&fwrnh=100&lmt=1637375738&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375738553&bpp=1&bdt=637&idt=248&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=879x280%2C668x280%2C319x250%2C879x280&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1047&ady=4713&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=uRZBsFVTyL&p=https%3A//vermelho.org.br&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 14:28:29 GMT

GET
H2 200 maax-medium.woff2
d12xoj7p9moygp.cloudfront.net/fonts/maax/ Frame F541 65 KB
65 KB 9ms
9ms Font
font/woff2 2600:9000:2156:8200:11:d2b:9e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d12xoj7p9moygp.cloudfront.net/fonts/maax/maax-medium.woff2
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:11:d2b:9e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19c40d1b27af6942a1bed6a5b3df59834401e1e95252134e87965a64a9fa893c

Request headers

Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
Origin: https://anchor.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:51:20 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1464262
x-cache: Hit from cloudfront
content-length: 66096
last-modified: Thu, 23 Sep 2021 18:32:06 GMT
server: AmazonS3
etag: "08484121bb86b9868a1eadcf1c6db46d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://anchor.fm
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: K0VweqAV94ztO5wBRylwceOtFaftxNnQybFeyUqyiOlnydir_zVSJg==

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame FC7D 21 KB
21 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 16:54:46 GMT
x-content-type-options: nosniff
age: 294056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 16:54:46 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame FC7D 21 KB
21 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 375256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 15 Nov 2022 18:21:26 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 65FD 35 B
462 B 122ms
24ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOxWCsvtdPwi6ltcDM0QVBQ&google_cver=1&google_push=AYg5qPKvzZAw8D0xL1elqUIePP0Y4yXdCx3RR5qplIHFXdfbsyTxWFOGCT7k4fXlSb1QK-2mosIFPKAYSb6WCkgM44EX3lFSqPk

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 65FD
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJwM19384UXJ6NR5N3G-m6tY3ethslFGbKVioC...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVpoZS13QUFCUWZtSldIMg&google_push=AYg5qPJwM19384UXJ6NR5N3G-m6tY3ethslFGbKVioCvyLJeu9DjIFIJFAMPUIqy6JuMJx1bjiQJA8HdOp77skdOsd6M3tVYqpw

170 B
188 B

38ms
37ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVpoZS13QUFCUWZtSldIMg&google_push=AYg5qPJwM19384UXJ6NR5N3G-m6tY3ethslFGbKVioCvyLJeu9DjIFIJFAMPUIqy6JuMJx1bjiQJA8HdOp77skdOsd6M3tVYqpw

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVpoZS13QUFCUWZtSldIMg&google_push=AYg5qPJwM19384UXJ6NR5N3G-m6tY3ethslFGbKVioCvyLJeu9DjIFIJFAMPUIqy6JuMJx1bjiQJA8HdOp77skdOsd6M3tVYqpw
Date: Sat, 20 Nov 2021 02:35:43 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 65FD
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEA74jc7XQUYX_kqy2sFggwk&google_cver=1&google_push=AYg5qPL17edaRPZ6EjVRZP0m7Wapeoe_3uhrvQWTRsPY2R_PLNMmFu1kOI0FSlWeu9NtRBF8pWeUQZuFoyI76rNvY2VSfNA-3xI
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL17edaRPZ6EjVRZP0m7Wapeoe_3uhrvQWTRsPY2R_PLNMmFu1kOI0FSlWeu9NtRBF8pWeUQZuFoyI76rNvY2VSfNA-3xI&google_hm=Q0FFU0VBNzRqYzdYUVVZWF...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL17edaRPZ6EjVRZP0m7Wapeoe_3uhrvQWTRsPY2R_PLNMmFu1kOI0FSlWeu9NtRBF8pWeUQZuFoyI76rNvY2VSfNA-3xI&google_hm=Q0FFU0VBNzRqYzdYUVVZWF9rcXkyc0ZnZ3dr

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 20 Nov 2021 02:35:42 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL17edaRPZ6EjVRZP0m7Wapeoe_3uhrvQWTRsPY2R_PLNMmFu1kOI0FSlWeu9NtRBF8pWeUQZuFoyI76rNvY2VSfNA-3xI&google_hm=Q0FFU0VBNzRqYzdYUVVZWF9rcXkyc0ZnZ3dr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 65FD
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJV9fdKz_ZV-NegGzDAUqP0&google_push=AYg5qPLZPXcMIGxxUrYcFzELnrs6knlFbOM6ymd_sdGS6HapcDx7kSlyFBO_sxNdtiKGlRbJ3gpTEEwOmfgbKE2LDPLuMlw...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPLZPXcMIGxxUrYcFzELnrs6knlFbOM6ymd_sdGS6HapcDx7kSlyFBO_sxNdtiKGlRbJ3gpTEEwOmfgbKE2LDPLuMlwYhg&google_hm=MTA4MTY2NjExNDM3MjA5...

170 B
188 B

62ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPLZPXcMIGxxUrYcFzELnrs6knlFbOM6ymd_sdGS6HapcDx7kSlyFBO_sxNdtiKGlRbJ3gpTEEwOmfgbKE2LDPLuMlwYhg&google_hm=MTA4MTY2NjExNDM3MjA5Nzc4MzQ

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AYg5qPLZPXcMIGxxUrYcFzELnrs6knlFbOM6ymd_sdGS6HapcDx7kSlyFBO_sxNdtiKGlRbJ3gpTEEwOmfgbKE2LDPLuMlwYhg&google_hm=MTA4MTY2NjExNDM3MjA5Nzc4MzQ
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 65FD
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DXKrcpsDSzGK2QV21vL_fA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

43ms
42ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DXKrcpsDSzGK2QV21vL_fA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJYGKs2xLPIEQj6ys4Adkr7pISbkPE1veBhoppA7NK9XdMfZB4LGSR_A_1vRuMaDhVPypYhSKcqbMis6juvUTJev_t4ihw

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DXKrcpsDSzGK2QV21vL_fA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJYGKs2xLPIEQj6ys4Adkr7pISbkPE1veBhoppA7NK9XdMfZB4LGSR_A_1vRuMaDhVPypYhSKcqbMis6juvUTJev_t4ihw
date: Sat, 20 Nov 2021 02:35:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame 65FD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 65FD 43 B
296 B 734ms
192ms Image
image/gif 2600:1f14:d24:9300:b360:915c:21c:8f3f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGiZOCboHvz5KfqoL8O-wT0&google_cver=1&google_push=AYg5qPIECiXwYVesaJ16y_jfztt2f0cG9SrTi440CqMZao3KnfyCs1gzwwIfItIuqGvCxA9ZSrY9it8e-NM0NKA3yOLxoD4o2AQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=600&adk=2624991116&adf=1760798979&pi=t.aa~a.1367758279~rp.4&w=299&fwrn=4&fwrnh=100&lmt=1637375739&rafmt=1&to=qs&pwprc=2615320843&psa=0&format=299x600&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375739601&bpp=1&bdt=1684&idt=-M&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0bf376222e1cb1ee-224368e3e3cb00b9%3AT%3D1637375739%3ART%3D1637375739%3AS%3DALNI_MY4r7CdIgfHsol2sLJ1er58iwzBlQ&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280%2C0x0&nras=2&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=127&ady=1879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=IJPo5dm7Ix&p=https%3A//vermelho.org.br&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:d24:9300:b360:915c:21c:8f3f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 65FD 0
49 B 137ms
33ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L5lbZvywoqp8pZ-2cFDEQR7Q2rRw-4Wao1_c5zWTUghw32FpD2xE1XnNAe_l-QZlhy3X0w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 webStationId:f5c0030 Show response
anchor.fm/api/proxy/v3/userSocialUrl/station/ Frame 0019 112 B
180 B 25ms
24ms Fetch
application/json 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anchor.fm/api/proxy/v3/userSocialUrl/station/webStationId:f5c0030

Requested by

Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

45a87e74cbddfcce22637b749168e0470392754c8a14b4807b706e8334658b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:43 GMT
via: 1.1 varnish, 1.1 varnish
etag: W/"70-KDGKGqOMXUQDg7xKCdAZld5hFS0"
x-newrelic-app-data: PxQFUlZXAQoBR1VQBgcHUlIAAhFORDQHUjZKA1ZLVVFHDFYPHiRLEhZTRBIMEBd0dTBOTUECGBMXVERgDQUKA1w3Sg4XS0BTRwxWDx5bQBYFQl4OCCpcERxUTVIZAQZWUAcDAVdUT0ABUwpAFBoCAlIDXQQDWANVVVcEUQcHGh9WBQ0RUmw=
age: 73376
x-powered-by: Express
x-served-by: cache-dca17725-DCA, cache-fra19161-FRA
vary: Accept-Encoding
x-cache: HIT, HIT
content-type: application/json; charset=utf-8
cache-control: public, s-maxage=86400, max-age=0
strict-transport-security: max-age=86400
accept-ranges: bytes
content-length: 112
x-cache-hits: 1, 3

GET
H2 200 2476876-1605988229607-050b09b0e7226.jpg
d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_episode400/2476876/ Frame 0019 76 KB
76 KB 36ms
35ms Image
image/jpg 2600:9000:2156:5c00:7:c135:4380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_episode400/2476876/2476876-1605988229607-050b09b0e7226.jpg
Requested by: Host: vermelho.org.br
URL: https://vermelho.org.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:7:c135:4380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7218117dfd3d31f2e69daadbeb274349fbfccc4780466e3231a6def94034de0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anchor.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 23:26:16 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Sat, 21 Nov 2020 19:50:31 GMT
server: AmazonS3
age: 11368
etag: "89766386c62cf3f5e6e00f290f1bfda7"
x-cache: Hit from cloudfront
content-type: image/jpg
x-amz-meta-content-type: image/jpg
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 77646
x-amz-cf-id: GXGsj3iFsifGRG79FwxgpzmPJmVCRrO3X3u22poXusyH8lwVgy6S_Q==

GET
H2 200 dpixel
cms.quantserve.com/ Frame 790E 35 B
463 B 92ms
24ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOxWCsvtdPwi6ltcDM0QVBQ&google_cver=1&google_push=AYg5qPJgUXP_jd4KYE8ZQTKrxI1CSU7C5q-LQkEgNyN2M2nmeea3GZl4xZU0m-tie8zO-OMeiljfGxXBO76NTCybiJUuf7tZxshy

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 790E
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEA74jc7XQUYX_kqy2sFggwk&google_cver=1&google_push=AYg5qPIaLlf5ZHAEVh1CcJznn5GUzh5zLSUC8cyGsjgTftfsbk9G_N-53yAhNQLUfEqTbqxE0pvSS6e_hroGvtnAdJTZ-40vX76c
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIaLlf5ZHAEVh1CcJznn5GUzh5zLSUC8cyGsjgTftfsbk9G_N-53yAhNQLUfEqTbqxE0pvSS6e_hroGvtnAdJTZ-40vX76c&google_hm=Q0FFU0VBNzRqYzdYUVVZW...

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIaLlf5ZHAEVh1CcJznn5GUzh5zLSUC8cyGsjgTftfsbk9G_N-53yAhNQLUfEqTbqxE0pvSS6e_hroGvtnAdJTZ-40vX76c&google_hm=Q0FFU0VBNzRqYzdYUVVZWF9rcXkyc0ZnZ3dr

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 20 Nov 2021 02:35:43 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIaLlf5ZHAEVh1CcJznn5GUzh5zLSUC8cyGsjgTftfsbk9G_N-53yAhNQLUfEqTbqxE0pvSS6e_hroGvtnAdJTZ-40vX76c&google_hm=Q0FFU0VBNzRqYzdYUVVZWF9rcXkyc0ZnZ3dr
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 790E
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJV_BOA...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJV_BOA...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjAwMjM1NDMwMDA3ODQwMzU3MzAzOQ%3D%3D&google_push=AYg5qPJV_BOAMxzsHCHWLrinLU69pxB1zrKIEy74bi0B2HGxgEI-YW7e6tC7NumOsG5JsU...

170 B
188 B

39ms
39ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjAwMjM1NDMwMDA3ODQwMzU3MzAzOQ%3D%3D&google_push=AYg5qPJV_BOAMxzsHCHWLrinLU69pxB1zrKIEy74bi0B2HGxgEI-YW7e6tC7NumOsG5JsUV6-4OZbsTK9OWzyHx4x8eNkkx_vZ0

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMjAwMjM1NDMwMDA3ODQwMzU3MzAzOQ%3D%3D&google_push=AYg5qPJV_BOAMxzsHCHWLrinLU69pxB1zrKIEy74bi0B2HGxgEI-YW7e6tC7NumOsG5JsUV6-4OZbsTK9OWzyHx4x8eNkkx_vZ0
pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 20 Nov 2021 02:35:43 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 790E
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESECSX1q3Kt-G-8CJEIcesOqQ&google_cver=1&google_push=AYg5qPKsInb_aluUFhiJrZIJjDCbagOttrmPZ3346ZUF54VH-Wxhxu6l6jEyU9UlKr-doQUi5mbxHeFcDp6L9DoH8JyEotT_I54
https://rtb.openx.net/sync/dds?google_gid=CAESECSX1q3Kt-G-8CJEIcesOqQ&google_cver=1&google_push=AYg5qPKsInb_aluUFhiJrZIJjDCbagOttrmPZ3346ZUF54VH-Wxhxu6l6jEyU9UlKr-doQUi5mbxHeFcDp6L9DoH8JyEotT_I54&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKsInb_aluUFhiJrZIJjDCbagOttrmPZ3346ZUF54VH-Wxhxu6l6jEyU9UlKr-doQUi5mbxHeFcDp6L9DoH8JyEotT_I54&google_hm=vDqiRl48waUMql7NONTqXA==

170 B
188 B

43ms
42ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKsInb_aluUFhiJrZIJjDCbagOttrmPZ3346ZUF54VH-Wxhxu6l6jEyU9UlKr-doQUi5mbxHeFcDp6L9DoH8JyEotT_I54&google_hm=vDqiRl48waUMql7NONTqXA==

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKsInb_aluUFhiJrZIJjDCbagOttrmPZ3346ZUF54VH-Wxhxu6l6jEyU9UlKr-doQUi5mbxHeFcDp6L9DoH8JyEotT_I54&google_hm=vDqiRl48waUMql7NONTqXA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: sj8dv6ueh433ioukj4ge2pv41932iem6

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 790E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_1fK_D1TQjCGdC3Mv9Vhvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

41ms
40ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_1fK_D1TQjCGdC3Mv9Vhvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIpn8KqhxVv16TaHT3e8YWYjUu2OlX32-p4X_wjItoGZY2W3iDabLTElVgAV6ZYsEXlVzQl9GaeBqEpnswMLg2CufZbCm7l

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_1fK_D1TQjCGdC3Mv9Vhvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIpn8KqhxVv16TaHT3e8YWYjUu2OlX32-p4X_wjItoGZY2W3iDabLTElVgAV6ZYsEXlVzQl9GaeBqEpnswMLg2CufZbCm7l
date: Sat, 20 Nov 2021 02:35:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 790E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA3aOBWJdtzfKLgN3dfWePQ&google_cver=1&google_push=AYg5qPJWBMjmzZQ7AGecfXotBGmcTVIs_3TJhlr7Kt383eqh49RnTdDjHC7ndE8-l0wmkiSDCyB...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c3NzhQOFUtWi1JWEFW&google_push=AYg5qPJWBMjmzZQ7AGecfXotBGmcTVIs_3TJhlr7Kt383eqh49RnTdDjHC7ndE8-l0wmkiSDCyB_y54sXHEDfSwj90NIKyLpoWM

170 B
188 B

31ms
31ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c3NzhQOFUtWi1JWEFW&google_push=AYg5qPJWBMjmzZQ7AGecfXotBGmcTVIs_3TJhlr7Kt383eqh49RnTdDjHC7ndE8-l0wmkiSDCyB_y54sXHEDfSwj90NIKyLpoWM

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1c3NzhQOFUtWi1JWEFW&google_push=AYg5qPJWBMjmzZQ7AGecfXotBGmcTVIs_3TJhlr7Kt383eqh49RnTdDjHC7ndE8-l0wmkiSDCyB_y54sXHEDfSwj90NIKyLpoWM
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 790E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 790E 0
232 B 105ms
32ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkpnQzA0YZ3HcvQq_xu7QecpArpDQNwJ7LQbM8qmcE73W5P-R9MS3BpnCGjhgO_w5T1BOL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FC7D 0
17 B 55ms
55ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCa4--16YYdTfJ87l7gOZpoqYBKHLlstlv_KRyucO5rO1iIcfEAEgiPatHmCV2oiCmAegAbebzr4DyAEJqQLHX47EZ-2yPqgDAcgDywSqBPgBT9BUOG0bOHAQb_yH5K043qBdnE0CPFYysCr2EyxXraNseKnDyUIIdAG6rpREoBaW7muqroeeiD8_1GI1Idf4tjQ6QPQ3IoiGzfnVnINbP5wn5jk0jLGYayFglOo1DcttpwcRTLbvtEvhJs0jXeBaZMKmFq2GOEUSgs6OadnB6z6YJjYqvYUetEGwGZIOc7V83rOZyEBRO6PhkXRRT3o-6DfCZiiRcm_39JL-RD1z_3j2ORzlX1V7X8gLdzNlqvFCty0SsofYrkoUtfM4mWHIgt2AoW2fRX0dm2G0rVU8BiU-xIxQq9GnE9oreamvTjYvGMi2W6D6g97ABMyAz4uvA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAex5LFBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQw90L0ggJCIDhgBAQARhfgAoByAsBuBOIJ9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi00OTc0NjAxMjE0NTYyMzA4GAA&sigh=y7i-ehUG4f8&uach_m=[UACH]&template_id=5000&cbvp=2&vis=1

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4974601214562308&output=html&h=280&adk=1099912328&adf=4268860968&pi=t.aa~a.3690207914~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1637375739&rafmt=1&to=qs&pwprc=2615320843&psa=0&format=1200x280&url=https%3A%2F%2Fvermelho.org.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637375739601&bpp=1&bdt=1685&idt=1&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0bf376222e1cb1ee-224368e3e3cb00b9%3AT%3D1637375739%3ART%3D1637375739%3AS%3DALNI_MY4r7CdIgfHsol2sLJ1er58iwzBlQ&prev_fmts=879x280%2C668x280%2C319x250%2C879x280%2C436x280%2C0x0%2C299x600&nras=3&correlator=488001330560&frm=20&pv=1&ga_vid=2119234257.1637375738&ga_sid=1637375739&ga_hid=2129034438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=3563&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=2547901018465376&pem=996&tmod=1125472513&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=6&fsb=1&xpc=Q3ii9MQkKc&p=https%3A//vermelho.org.br&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 20 Nov 2021 02:35:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 maax-medium.woff2
d12xoj7p9moygp.cloudfront.net/fonts/maax/ Frame 0019 65 KB
65 KB 24ms
23ms Font
font/woff2 2600:9000:2156:8200:11:d2b:9e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d12xoj7p9moygp.cloudfront.net/fonts/maax/maax-medium.woff2
Requested by: Host: d1rx8vrt2hn1hc.cloudfront.net
URL: https://d1rx8vrt2hn1hc.cloudfront.net/builds/bundle-141e4bbf792a8814d582.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:11:d2b:9e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19c40d1b27af6942a1bed6a5b3df59834401e1e95252134e87965a64a9fa893c

Request headers

Referer: https://d1rx8vrt2hn1hc.cloudfront.net/
Origin: https://anchor.fm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 03:51:20 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1464263
x-cache: Hit from cloudfront
content-length: 66096
last-modified: Thu, 23 Sep 2021 18:32:06 GMT
server: AmazonS3
etag: "08484121bb86b9868a1eadcf1c6db46d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: https://anchor.fm
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Ujn6A7LloBKL5kTSwr4pBrf2F-nQxldXwTNuBn3xVhTM7cGIokE2sw==

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 14EA 143 B
163 B 24ms
24ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 20 Nov 2021 02:02:14 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2009
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A99B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

37ms
37ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Nov 2021 02:35:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Nov 2021 02:35:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Nov 2021 02:35:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame B180 35 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 14:28:29 GMT

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7147 35 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 14:28:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CD7 42 B
64 B 93ms
52ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZGoFLiAhPGnvz5R6FKfUEN1PN_688hEVstsy8z2ytwSM4nyErQZ72J6iSYe9bmWrhdUy93pqGfYmEiJeMeB7d_N2WNfJRgBwuOoy0t4Z96k_dIu08sg&sai=AMfl-YTbQEVTuXt4po2BYcAx_LlTsrRxpVrtTC0hN7Rq51UD8LCPw_xNdvMpPyuHdINMju_7w-x8b-MM8QON&sig=Cg0ArKJSzBo48wLlXi4sEAE&id=lidar2&mcvt=1025&p=0,0,280,879&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2621348647&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637375738773&rpt=3539&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 70ms
43ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b184dd81f6f3427bb990c20f5833555692de1d2d8917364035b5d7eb2ab8591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Nov 2021 02:35:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9372
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 14EA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

51ms
51ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Nov 2021 02:35:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 20 Nov 2021 02:35:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 20 Nov 2021 02:35:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 089F 35 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: vermelho.org.br
URL: https://vermelho.org.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 14:28:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 20 Nov 2021 02:35:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 20 Nov 2021 02:35:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4280 12 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 19 Nov 2021 23:04:04 GMT
expires: Sat, 19 Nov 2022 23:04:04 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0890 783 B
537 B 41ms
41ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

de0852fb316c854aa5a4f88b359f9a4c4d1945c4e61d42c186d9dda4ee88acf9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R9uX8fXwNFM41U6PIjzwyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 20 Nov 2021 02:35:43 GMT
date: Sat, 20 Nov 2021 02:35:43 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-R9uX8fXwNFM41U6PIjzwyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4280 35 KB
13 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 14:28:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Nov 2022 14:28:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0890 0
0 79ms
79ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=2547901018465376&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=2547901018465376&bg=!h4SlhMDNAAZQLpa_UC47ACkAdvg8WuFA6RUUyfUBF1kZUeuTiHawkogW2eg-6fCXUmtbgrBkoksB0QIAAABWUgAAAAdoAQeZAoSfUV5F4-IPhnzCR9OfEihvtMAaZ6ruDrH6kyxk-kFG9NKZ80O3smdfW9_Gt57Hjj6OwRLJK9nVVxIjamg4GB54he2smkTxlxJEaiVjWUgKttYP1tN16i9zz66_bNzkk22enwACX909JfCUYtrk2sJpJ6HSitGH5ZeHvW9z_xknfM8yzDFjVM69U3IuFgdpTFbGJ1kIclv4UjClnJhzRYWZybUa5hh03AInuTVpZOzZ-ykXbfp0E3NaQezsO5qBPG8uKDGLc8Xn7CXyleL9ZXumD1bVtHMis50R084GSBc0Lnq_22Y5acLAVfe1GigHTAwiBjydKWP_3MuL00UJuZIMKKCIioaZBNPe7yCTNTAZePIw9uQhkUxvXjXE2JUKEIsi6B0FCeA4f3eGrMhPVQ_4LgNHzHn6LnDQQotMj5SRqRqcQGK1xwxFcvytapghTrHdBlEXTRkWADYetzxU9lXvjaQAkJ_DLCdHLX9x7QfnRJbIvLKwAegwMydeusq7RkbNaeOCvzl50c3_JE52nh2sWU4D9Jv4uRBaZ6cF-XZ6Ztbx2u0Uudw2cXaZ4brXoUOlSfaiCA4rClFJk72xlIIaTcBwb4rgEnhamF_fYt-a7ySa9xIEWnlsth_oiMBHwvSeytsWSvqDQaXSGh0LxUaNVlJixaoE9Wyjn421tZCeK6GEGNY4m0F7FlQD6YR7fElrCtEPUK6AiOTHYNcZmxicyq0B6oNPp2tzGNJPTq5W-LZgZrWc0NADPPtmKKnCBuDLK3PNcmYYhMYcyMayvbTqSw8l3doQ1zQ3ZeyoUkvGrW390GksKUgjUIjGwqTtLSFzyHJ-pXDzBnI31Ox9yClgy9RC-Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://vermelho.org.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 92FF 0
17 B 125ms
62ms Ping
image/gif 2a00:1450:4026:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kw778nbm&c=181796758759&slotId=90898379379.5&qqid=CI-nnvrzpfQCFc0y4AodCIsKZQ&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/57a53ef409095c62d62662153513db7d.js?tag=video_mra/web_raspberry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4026:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 20 Nov 2021 02:35:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9239 28 B
54 B 47ms
47ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5-u7IYb9rX0
X-YouTube-Client-Version: 1.20211117.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt2UWJSX3Q4ZlQ4USj6veGMBg%3D%3D
X-YouTube-Ad-Signals: dt=1637375739145&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C757%2C437&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 20 Nov 2021 02:35:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 20 Nov 2021 02:35:44 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: anchor.fm
URL: https://anchor.fm/podcastzero98/embed/episodes/39-CPI-da-Pandemia--Paulo-Guedes-emparedado-e-o-Enigma-do-Maranho-e10eemb/a-a5g97ps

Domain: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-eooftm

Domain: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-en41c3

Domain: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-emqa5v

Domain: anchor.fm
URL: https://anchor.fm/olhar65/embed/episodes/Podcast-De-Olho-no-Mundo-por-Ana-Prestes-em5fe4

Domain: www.youtube.com
URL: https://www.youtube.com/embed/5-u7IYb9rX0

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 03:13:06	Name: NID Value: 511=T6q1MMfuWxkvEU3q1AGHTgB9FaR_T73Z4oZ-rm08Nk6tm54tU7vYW5xH5QqpTQMbAZFFHu35ipSYm8HcimvCLACYCs7uhCv5eSAzJFs0entr7mHm1OMgkQRI30zqmlr8TDk86Eo65QOqoEO9GQUnNUIWKgyM8ivs98OMzgVN05Q
.vermelho.org.br/	1970-01-20 16:20:47	Name: _ga Value: GA1.3.2119234257.1637375738
.vermelho.org.br/	1970-01-19 22:51:02	Name: _gid Value: GA1.3.1674602506.1637375738
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: qgkOtpaceDU
.youtube.com/	1970-01-20 03:08:47	Name: VISITOR_INFO1_LIVE Value: vQbR_t8fT8Q
.vermelho.org.br/	1970-01-19 22:49:35	Name: _gat_gtag_UA_16466631_1 Value: 1
.vermelho.org.br/	1970-01-20 08:11:11	Name: __gads Value: ID=0bf376222e1cb1ee-224368e3e3cb00b9:T=1637375739:RT=1637375739:S=ALNI_MY4r7CdIgfHsol2sLJ1er58iwzBlQ
.doubleclick.net/	1970-01-20 08:11:11	Name: IDE Value: AHWqTUnhW2BmqtJqJq1ZNUiphUjG68z9tFDpqOY_8hMOL-LjxXtcv2FNHwf9KWmQL9g
.doubleclick.net/	1970-01-19 22:49:39	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 00:59:11	Name: CMPS Value: 5211
.mookie1.com/	1970-01-20 08:18:23	Name: id Value: 10816661143720977834
.mookie1.com/	1970-01-20 08:18:23	Name: mdata Value: 1\|10816661143720977834\|1637375743123
.mookie1.com/	1970-01-20 08:18:23	Name: ov Value: 0ae34dca5d038ed359aa96c25b8dcc68
.casalemedia.com/	1970-01-20 07:35:11	Name: CMID Value: YZhe-09jbRoME9chAmeCxAAA
.quantserve.com/	1970-01-20 00:59:11	Name: d Value: EF4BCQHiJIEA
.quantserve.com/	1970-01-20 08:19:50	Name: mc Value: 61985eff-27cdb-ad818-d5737
.openx.net/	1970-01-20 07:35:11	Name: i Value: b0c01723-5e3d-477c-b008-da928feae31b\|1637375743
.agkn.com/	1970-01-20 07:35:11	Name: u Value: C\|0CEApKxt_KSsbfwAAAAAAAQ13AQCAAQpAAAAAAA
.agkn.com/	1970-01-20 07:35:11	Name: ab Value: 0001%3Ayeb1xhuMLbFPa7v26b5Yx9t0itc1r%2FUh
.casalemedia.com/	1970-01-20 00:59:11	Name: CMPRO Value: 1101
.casalemedia.com/	1970-01-19 22:51:02	Name: CMST Value: YZhe-2GYXv8A
.pubmatic.com/	1970-01-19 22:51:02	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 00:59:11	Name: KADUSERCOOKIE Value: FF57CAFC-3D53-4230-8674-2DCCBFD561BF
.e.dlx.addthis.com/	1970-01-20 08:19:50	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:19:50	Name: na_id Value: 2021112002354300078403573039
.addthis.com/	1970-01-20 08:19:50	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:19:50	Name: uid Value: 61985effa3189b4f
.addthis.com/	1970-01-20 08:19:50	Name: ouid Value: 61985eff0001fb366cbc75fb9e3f0847c18e74db8fee2f2d0da8
.dlx.addthis.com/	1970-01-19 23:32:47	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-19 23:32:47	Name: na_sr Value: 20211120
.dlx.addthis.com/	1970-01-19 22:49:35	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-19 23:32:47	Name: na_sc_e Value: 0
.innovid.com/	1970-01-20 00:59:11	Name: uuid Value: b6ea006f-6abf-482e-9530-51d06faadacb-20211119 21:35:43

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_push=AYg5qPKeHv-EnuxazJQ_pypXVrah6_8DDoRMTwNvL1vxp_pYas_e0MG-aneIO95Da2NYCX0fBdk6PsjNSL0TwH88KlHZSGFpsDg&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZhe_09jbRoME9chAmeCxAAABE0AAAAB&google_gid=CAESEOOf6bNO67aNquf4HoLkUcY&google_cver=1&google_push=AYg5qPLfAsLRe2qsvZJzHm2LlzyjX-GSxt1U3JP9WXfrM5L4JspC4xKKbZzCq7PIePLAG9e_xAi03M0_KYJzDvaMzir3Dymaq5PZ Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
anchor.fm
apis.google.com
cdn.onesignal.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d.agkn.com
d12xoj7p9moygp.cloudfront.net
d1rx8vrt2hn1hc.cloudfront.net
d3t3ozftmdmh3i.cloudfront.net
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
image6.pubmatic.com
odr.mookie1.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
pixel.wp.com
rr5---sn-4g5ednde.googlevideo.com
rtb.openx.net
sentry.io
static.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
use.fontawesome.com
vermelho.org.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
anchor.fm
cm.g.doubleclick.net
www.youtube.com
104.111.215.191
142.250.186.66
142.250.186.98
151.101.130.133
185.64.190.78
192.0.76.3
2600:1f14:d24:9300:b360:915c:21c:8f3f
2600:9000:2156:5c00:7:c135:4380:21
2600:9000:2156:7e00:1e:f77c:1000:21
2600:9000:2156:8200:11:d2b:9e40:21
2606:4700:3031::ac43:d645
2606:4700:3037::ac43:9ae6
2606:4700::6812:e134
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:17::a
2a00:1450:4001:802::2002
2a00:1450:4001:803::2016
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:400c:c07::9b
2a00:1450:4026:805::2003
3.124.136.236
34.199.60.215
34.98.67.61
35.188.42.15
35.227.252.103
69.173.144.165
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
010b43f9051b9c6ca0f216db578e67a42d5e0802c77c8d53ef9d718f9781a6a2
016b262721520b42254b260dd780a6811da4b1de05556348fdbbdd03f510df47
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
02d30094919da411d90ad158ee1ee772f824e9fd113dd7e9b13590e797af6099
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
09f17d12e1e53a5770cd7e7202003e4e19ed1241c6333f6daff58975b81ddb9d
0b0f25226689e8ba1edfc45c191aa3540d34407605df88b5d830137373cfb308
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
13e044ca703a01a7e376551ac09e8b5763bba33f5f2086e1449ea0db8a2fa3a6
148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18257bc82dde053b5e701d1bda372d269ca846168c09999768662f24eab8a9c3
19c40d1b27af6942a1bed6a5b3df59834401e1e95252134e87965a64a9fa893c
1a2c0758001da905363963623f1c6adc224cdd50024be93190c8a7a8484a11de
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1aa29e5ee2a9f041f8252d1e747848df7058e70788d1818eac96a697e72878f0
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1c733809a15b6fd666d9c4e02e6fbf1382e73b5fbbba07d4cf8c5f33046c035a
1cf3207fc8cd56e5fd77f3a4452ce54bd6ea0aa3f090a88917fcb7b3639b61e9
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f464ef7c0b366ff00e2f023cb6b48112306212648e451ddf16be40c2b99d639
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
280eabb280d3ecf13a0d195d35114d2fb0060e882fed9a8225b896ccc558f649
2908155de48032de1144ce3e33623dcdbfc2eefdbeea62c79170d62131d7dc7a
2b2693de993b0846e11d3c19cd0cdeb38781ee4daf8dbbb19dd7c80a66971831
2c397fd8b08a1ab365ebf2e72a8d1a87faae6c217b22e257a46b20a58c868b04
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3313f817ed0ff25955f86f43383d73cc4636c693c9ca16856a7a7f21043fbbd0
340673960d6666b4ebc1abd7ef60c2828a21a61ae75a6e82d9b58ff25b1cd0c5
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
38ca27dd58e0030fb7b370186af0d4d198d82207d9bddf298af57e0a54085406
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791
3ac05d01e8bde89e497508c7faf2aaa0cc6ea9021c1b056ce0ee990bb47eeb1c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
457f9195f81f8e23d0e1d0ec32c3abc16e4b404474d61b3a2dab017e8d4b9e7b
45a87e74cbddfcce22637b749168e0470392754c8a14b4807b706e8334658b01
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4de9335023ef83ea41ca6835b2fdd1c8e432432543723ba51bd85bd4c55a9cc8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f204659054c21bc4cd369803dc27e86f32015b8dc8b9c39e64847f3c0f295af
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
500887f6239dc6685e055ce31de2caefd90089609e8df7842709a4184ad3609f
521d244c465ba4f60aaaf81fa420a7aef88923d0891a4725db29d8cbd4239bb5
541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76
57779365e1b719071be3541c3f49d802d2cfa366f97e26efa34f2da8d88919ca
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169
5b18e0d2a13d1537a6444804ccd6906071d3c5a29bf387d7a95d99e7525adbcd
5b6fdf9e0d5abb3051ba04531fb57d00991dce00a24da6b989a3ee47df8f3095
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5d49750f29724f6519e7461b32849b7c2f76f8101a1d47ce449ba3043734e92c
5ec68a03ce8a66c2868e589a402c268e3decb59db6fe66510da42531a38a4490
5f81177a287b9bb84978cd08666d3ca90a5604b244e94cfc69473958006c51a5
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6647d73e9add3a0c2a28a4904c8da8d090aa1a255713c60c7f3deff38e55b71e
67487c184e81573e85c1989529a7226606910caf35efc057e65a72748912c216
6777e7eb907ab5b0f9772778a42ae096a5c9da1afc8fd5bec0c817ef4af437e1
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681f6c3adc00102724deae60d5335a91251b518fcb212fb47bbd7c18dc62a2a3
691af040ae9acd5fca6095dea68c1ff14652d42378dbbc63c92a6c5b9a8f94d8
6947050b05cdb618d5465eeec33f4d089b76e264219950c099c1d91298387c88
6aaf90b8a7792c137daa8a324bfc07b5bf47a1b4c71bdb4e2b8675008b48afee
6adecd563358549890941c65cafdb83b9685a1707afd2e695133702eb1dc3090
6b184dd81f6f3427bb990c20f5833555692de1d2d8917364035b5d7eb2ab8591
6e07af6e44fa7fd02b034eec47d8ca9005e28a0fb7f24b4ee0d4c1d4a5e7ee7c
6eb03531048be7cfd4e43d6084f3ec0b30c4e8025831854d1c6a1b811a2d30eb
7218117dfd3d31f2e69daadbeb274349fbfccc4780466e3231a6def94034de0c
72c96fc8045125aa59cefda913c88cb73a126ad83ba766d04e585c2d3565c303
74f4e0d549339be6f6bc9f1d16e8b58b645ae40049cf1487263efea9459316cf
7808c6d7660fb4c222c785e3e0a225bc1324a30f3c96549a84b62394fd94a08c
785e8ba1c5d874ec2ca991f74ee524b90617b8003060e8005074ff16597e1193
7954f007e9aa82d6e368ba89484584d864ed1939ad5b3ba187c26dc38e3901f3
796754b78e39bedf56d7925e8441787bf9d9723a5069deea230b223acd4c2313
799b784221425b49203a719181ffb89ddc0450e8650a177599c11ad5e446f56d
7b07fc5a9a62a94c9ba73d9d6f159e742c35ea40d7671df2569fc49f77c7a7d9
7cc3d8163b969402a568ff3c2e434bc8d2944e75b1109a51447f590d967bc2b2
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
8298d1c674a0244a7d26b951fa5359cac2573a86d11dd886210712545f8681ba
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8887963fdc2417f93a17d3ccab9ab1af41772b05f1f152b265250abbc2ab4f50
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8c62a6d499e21b15858aac54ab5ced3cd019f59658f235167a80164ea9fd96ed
8d3207c0463f93ea7fab2b927adf160d1d83eebf0d2c54f9f5b3b1a7beb859ca
8e6ca9daa8b949e044fd864b5f526d2aa898ffd1ea1a19b6705b427a14f3bfab
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93404e3aa5816108cac14b006217d7d57ffb5e7aa827112f1924ee4650dcc3a0
975f67b4363e7358e8e4a4c2ec8e15863bb1dec7da9a0240a6b5d3dc0930e69b
97eb37fb5978dc93ee005921feeea6fcf1edf214a18e91c694282de8a75e470d
9a60e1c7b9f20b327b1a1ff989d6c61bbd77433ae22dc4a3a14d2be2b7636606
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dd1db00ed32d1cf4187f2ae448791d5c1f1478521cf9fa6ac2c63d65f0c6cfe
a0be76c911338a04a147d23494fe0bba1e96cb78a4c6efce737b072466c8a346
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0d93cac9e8d3c8802a1926a35ce2117c2765d4784d7937dd81e93a6a5155982
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a468d753433d65e52288ad8479ea077d49b61cc2d7003747766c27acdb85e856
a4973fef166b9b68e98dd622660a5f80fc3e72ffbe692aa5b6e1a744d9db94af
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a65968a8e9ea6126eb6fe9863c08b4300d84188ea5a7bcd5a8772eed0094f356
a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a
aa081436fdbf78060847f4dbd6cc95f88a435c2f995e03aedf16cae94bb48762
aa1c72e44c5aa91d24fc6ef2966a7d68363dd342bc325989e9f4dfaae39f54f0
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad1956c53bc8e4d0a48803388e5c2f094e7eb3ba411ffb84eb2ac4358af39f7c
b30670a49c3a4a6f6577d6c5fe383f54e16a49813c1e92ab640b8e4d6c96fb36
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b54c2afa005715607fa2184fa10ae33fabea35df2041dd91fe74f131709745e5
b569d48c771b5d86c1830cf3c81133d19149453e742097cbd4da5fbf0059be68
b76916678f29381eb46e3c527540b3b580f88ce94491131308ac406d4bc620e3
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
bd6818895fddb9f737d42abc4a0303821256f704c04df2bf0daada410ea7c71d
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be34ec9a0775d1541c4e659182d9ccf42e3a4671de5ec3235aa4ed11e7e0117c
bf458405b2d36ebb75f11aed227db509eaabf99ad1e42cc7f8edc1372c146941
bfb2c882e957a5eeeb045593e84e67c517dc08ba8583d02a237307264ec95fb0
c1052143f6dfde382644e6fe5b99fc28a3b0a72199bd2f8e59fa080048ffe304
c18dcfa8f1ea9e798a49993ca4140c4e8ba8d7ca21d93dbc336c736e53fac4cb
c202f23c7e3f453c5114bb94690c6c88a4fcbfb9c9008e03f8f6617fbc10c690
c3403788fe7af239897e0932f9578e80a769b1e83a1486cca0626c19a24eab4f
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
cb51857eea3ee25b45a8a8e7e92a63a07b75c4feb62904e5a61e53e5eeb6286d
cd6541a44bb5d9b6ad44cdf197897751fabfbf26f79b6ee0ddb73c9d0dddd16b
cd7388a2bf86c8c153168826ebe5b48dc39d25f5d466e7aee86dd28bb3278bd2
ce2aff1e3d4e97dfa8370e7821bcab06e327155997019277dc741744a7a3f104
d19bf1f367f5cccc68de7200764b86ce5113debd0c95dda86df7071511c8c13f
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
d59215215ab74c1db96fd8ab0ab80ca05ebbbae6afc8ba156c5ae53b83fd652a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d93f8b50f58efba0b2bab20ba32aba45dd3a30632e2e484df52078550c6ed2d5
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
daee335f9488c86ad37209f622d71e5aaedb5b19a5c89abd81df79ca60017922
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
db8deb30d5cecf873a6361b5410aed53a439e46072dcd6af4dc2481e44ea2a59
dbd90b0c9d18f5198f6505fe69913c81c0d2ffa5536bdea1144fd4c5acca37f6
dc2d26bc6b4226522a5f97b89a699ead436a0094ab6ee08686058026fb4b7ba8
dc655d29454f68e8ff3a1f06f494e56b4b6feac9e7c1531d03c67c93cf97a29e
de0852fb316c854aa5a4f88b359f9a4c4d1945c4e61d42c186d9dda4ee88acf9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e26912d92c35c13e9c6406ef81f5de72e92947303ad38823c1bd30783f15d6da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5232d1cec40247149f34ca237b67a39cbe929a5a7595a0b0a61cd24ddfc022a
e66c0ea37528ee3951dcacac5aa0aba4ef4b0b6bf9e30eedb18dd264be48feb4
e6f9d5fd0da9dcaed7fbff908f393acf2b16bf661bdf5cc1854997b0473d91fc
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09867804dd046ea0a3d57c4469b1ded3621635d4e329f9a551c5262f80bb4f3
f2d0de6ee8c30ba9c9721a9994c6478003805ecc56e4691ed69795f56d9db838
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
f849607f550d3e11cf34445498da3bc51184515c7962144a7e3a2ba7b3531868
fab32db68ce6fe74ef430dae027cea86b4a985324de3e733fd76043864ba0596
fcdb8a1d08b3fecea9b8650fd7651a8e161b313b4240eb181dbdeaec96da5f4f

vermelho.org.br Open in urlscan Pro 2606:4700:3037::ac43:9ae6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

315 Requests

94 %HTTPS

71 %IPv6

30 Domains

43 Subdomains

35 IPs

5 Countries

19408 kBTransfer

57219 kBSize

33 Cookies

18 Outgoing links

Page URL History

Redirected requests

315 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 23 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vermelho.org.br Open in urlscan Pro
2606:4700:3037::ac43:9ae6 Public Scan

Screenshot
Live screenshot

Full Image

315
Requests

94 %
HTTPS

71 %
IPv6

30
Domains

43
Subdomains

35
IPs

5
Countries

19408 kB
Transfer

57219 kB
Size

33
Cookies

315 HTTP transactions
23 data transactions