www.otempo.com.br Open in urlscan Pro
2a02:26f0:3500:12::1730:178f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.otempo.com.br/
Effective URL:
https://www.otempo.com.br/
Submission: On January 06 via api (January 6th 2024, 6:08:14 am UTC) from US — Scanned from DE

Summary HTTP 219 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 55 IPs in 9 countries across 44 domains to perform 219 HTTP transactions. The main IP is 2a02:26f0:3500:12::1730:178f, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.otempo.com.br. The Cisco Umbrella rank of the primary domain is 634764.
TLS certificate: Issued by R3 on November 3rd 2023. Valid for: 3 months.

This is the only time www.otempo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:350... 2a02:26f0:3500:12::1730:17b0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
57	2a02:26f0:350... 2a02:26f0:3500:12::1730:178f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:244... 2600:9000:2449:ee00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:170... 2a02:26f0:1700:391::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:20c... 2600:9000:20c3:5000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	52.208.197.4 52.208.197.4	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.117 108.138.36.117	16509 (AMAZON-02) (AMAZON-02)
1	52.222.253.136 52.222.253.136	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 1	34.253.139.156 34.253.139.156	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	34.235.12.81 34.235.12.81	14618 (AMAZON-AES) (AMAZON-AES)
1	63.140.62.22 63.140.62.22	15224 (OMNITURE) (OMNITURE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	23.96.124.68 23.96.124.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
26	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::201b	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	52.13.15.187 52.13.15.187	16509 (AMAZON-02) (AMAZON-02)
8 18	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
5 9	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
16	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1 1	23.35.228.210 23.35.228.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.254.208.131 34.254.208.131	16509 (AMAZON-02) (AMAZON-02)
3 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 3	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:9::210:ee0e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	130.211.44.5 130.211.44.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:249... 2600:9000:2490:8400:19:8ca6:3640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1690	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
219	55

1 2a02:26f0:3500:12::1730:17b0 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.otempo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 2a02:26f0:3500:12::1730:178f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.otempo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2449:ee00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:391::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:5000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.208.197.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-197-4.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sempreeditora.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-117.muc50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.139.156 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-139-156.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.12.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-12-81.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.22 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-22.data.adobedc.net

sempre.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.96.124.68 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gadasource.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.13.15.187 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-15-187.us-west-2.compute.amazonaws.com

ivccf.ivcbrasil.org.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.184.226 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.36.155 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.149 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.210 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-210.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.208.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-208-131.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.252 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:9::210:ee0e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.44.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:8400:19:8ca6:3640:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pathtosuccess.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	otempo.com.br 1 redirects www.otempo.com.br — Cisco Umbrella Rank: 634764	1 MB
43	googlesyndication.com f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185 ade.googlesyndication.com — Cisco Umbrella Rank: 360	268 KB
34	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677 ad.doubleclick.net — Cisco Umbrella Rank: 199	312 KB
16	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	8 MB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796	6 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	6 KB
6	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 45211 usr.navdmp.com — Cisco Umbrella Rank: 50426 cdn.navdmp.com — Cisco Umbrella Rank: 33736 sync2.navdmp.com — Cisco Umbrella Rank: 78647 sync.navdmp.com — Cisco Umbrella Rank: 41196	6 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1280 s.clarity.ms — Cisco Umbrella Rank: 13375 c.clarity.ms — Cisco Umbrella Rank: 2579	28 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6	1 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 359 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 925 aax.amazon-adsystem.com — Cisco Umbrella Rank: 464	75 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 726 rtb0.doubleverify.com — Cisco Umbrella Rank: 1489 rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 20977	22 KB
3	adform.net track.adform.net — Cisco Umbrella Rank: 4333 s1.adform.net — Cisco Umbrella Rank: 8363	21 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1105	968 B
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 731	1 KB
3	gstatic.com fonts.gstatic.com	79 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 313 sempreeditora.demdex.net	5 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 572	48 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	258 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115 gadasource.storage.googleapis.com — Cisco Umbrella Rank: 158187	26 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1559 s.tribalfusion.com — Cisco Umbrella Rank: 3590	1 KB
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 1215	207 B
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418 ups.analytics.yahoo.com — Cisco Umbrella Rank: 505	381 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	129 KB
2	everesttech.net 2 redirects cm.everesttech.net — Cisco Umbrella Rank: 1969 sync-tm.everesttech.net — Cisco Umbrella Rank: 1396	894 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	89 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1998 c.go-mpulse.net — Cisco Umbrella Rank: 850	50 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2137 pixel.quantserve.com — Cisco Umbrella Rank: 1736	10 KB
2	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2311	25 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 943	363 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 5728	104 B
1	pathtosuccess.global cdn.pathtosuccess.global — Cisco Umbrella Rank: 29603	115 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11689	1 KB
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 3385	199 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 620	608 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1007	236 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 3160	622 B
1	ivcbrasil.org.br ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 189579	461 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 539	762 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	omtrdc.net sempre.sc.omtrdc.net	345 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1643	201 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1695	256 B
1	google.de www.google.de — Cisco Umbrella Rank: 4002	408 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1945	644 B
219	44

	Domain	Requested by
58	www.otempo.com.br	1 redirects www.otempo.com.br
26	pagead2.googlesyndication.com	securepubads.g.doubleclick.net f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
18	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
16	s0.2mdn.net	www.otempo.com.br s0.2mdn.net
12	tpc.googlesyndication.com	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.otempo.com.br googleads.g.doubleclick.net s0.2mdn.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	securepubads.g.doubleclick.net	www.otempo.com.br securepubads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com pagead2.googlesyndication.com
3	onetag-sys.com	2 redirects f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
3	eb2.3lift.com	3 redirects
3	www.google.com	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com tpc.googlesyndication.com
3	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	c.amazon-adsystem.com	www.otempo.com.br c.amazon-adsystem.com
3	assets.adobedtm.com	www.otempo.com.br assets.adobedtm.com
3	www.googletagmanager.com	www.otempo.com.br
2	cdn.doubleverify.com	s1.adform.net cdn.doubleverify.com
2	ade.googlesyndication.com
2	track.adform.net	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com s1.adform.net
2	googleads4.g.doubleclick.net	www.otempo.com.br
2	image6.pubmatic.com	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
2	www.googletagservices.com	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
2	tag.navdmp.com	www.otempo.com.br tag.navdmp.com
2	c.clarity.ms	1 redirects
2	s.clarity.ms	www.clarity.ms
2	region1.analytics.google.com	www.googletagmanager.com
2	dpm.demdex.net	assets.adobedtm.com www.otempo.com.br
2	connect.facebook.net	www.otempo.com.br connect.facebook.net
2	www.clarity.ms	www.otempo.com.br www.clarity.ms
2	static.chartbeat.com	www.otempo.com.br
2	fonts.googleapis.com	www.otempo.com.br client
1	dis.criteo.com	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
1	cdn.pathtosuccess.global	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
1	rtbc-ew1.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	s1.adform.net	track.adform.net
1	ad.doubleclick.net	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
1	m.exactag.com	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
1	match.360yield.com	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
1	ups.analytics.yahoo.com
1	cms.analytics.yahoo.com	1 redirects
1	sync.navdmp.com
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com
1	cdn.navdmp.com	tag.navdmp.com
1	usr.navdmp.com	tag.navdmp.com
1	ivccf.ivcbrasil.org.br
1	gadasource.storage.googleapis.com	www.otempo.com.br
1	c.bing.com	1 redirects
1	c.go-mpulse.net	s.go-mpulse.net
1	www.facebook.com	www.otempo.com.br
1	sempre.sc.omtrdc.net	www.otempo.com.br
1	ping.chartbeat.net	www.otempo.com.br
1	cm.everesttech.net	1 redirects
1	sempreeditora.demdex.net	assets.adobedtm.com
1	pixel.quantserve.com	www.otempo.com.br
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	www.otempo.com.br
1	stats.g.doubleclick.net	www.googletagmanager.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	rules.quantcount.com	secure.quantserve.com
1	s.go-mpulse.net	www.otempo.com.br
1	secure.quantserve.com	www.otempo.com.br
219	72

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
api.whatsapp.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
assine.otempo.com.br
meu-perfil.otempo.com.br
www.otempo.com.brhttps
webstories.otempo.com.br
especiais.otempo.com.br
play.google.com
apps.apple.com

Subject Issuer	Validity	Valid
www.otempo.com.br R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-15` - `2024-01-13`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.ivcbrasil.org.br Amazon RSA 2048 M02	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2023-08-22` - `2024-09-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
cdn.pathtosuccess.global Amazon RSA 2048 M02	`2023-04-20` - `2024-05-18`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.otempo.com.br/
Frame ID: AFD8551F2DBE45B5AAC0DD4263104C61
Requests: 120 HTTP requests in this frame

Frame: https://sempreeditora.demdex.net/dest5.html?d_nsid=0
Frame ID: B62738472DE41BCA80209A47B235BA6F
Requests: 1 HTTP requests in this frame

Frame: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9B62AE3C235C849F0A346F4F4199333C
Requests: 1 HTTP requests in this frame

Frame: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 079996981846126DA2E815DB208E096D
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYjsHx0wEwAQ&v=APEucNXoIOSFOe5H2UX8l2AM2tVZb-5dHADYG6KKQRBoaKrgtaLgOPTMTXHAk1L_YmjCZzGI7BALNN2VXP92mZHQz5s7OQEIqacCXzglT-EGX2JTwUA2taBgi-meagp6HW4eHnhuMs2rKsvQrZq9DeibGk-bhT_N52nC-BzRTwZQ0ceNUoSjNS4
Frame ID: B49F6536E164678D1E844401B0B25CDE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C7FDEB26B56CEE3C1B66F4583A1D9BE0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4D9A80C5362519812AF67A6635922E13
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7ED644929E3232C5D5B88E7C140F5175
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3F656205B415CE0363C50F79E5B4F2BA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
Frame ID: 85D277EFEF02BA642C142BA359F62AD8
Requests: 17 HTTP requests in this frame

Frame: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AF8D5FFB3BF6CE7801982C730CA9F259
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQY_pTo7QEwAQ&v=APEucNXupweFDWuxG6q06bexMhobzNFLZfQeABxInD4p31ECMPH3FjexNOm8L-UrZ5gmO6a8NWaltv8Bp1S6lJXOdCRqMyjB5Zk6qJNj9Q7VflQwBeSisTyPxVKRyw2C1GqreZer77-9jFA6bMyeakaZi_Wdx210fZ-w-XGRyOZKpC3DtqRw2pU
Frame ID: B51459FD50DA787DC554D349199215F0
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5C1D29FD06DBE451F6E527170ED438AC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 65E62D8BAA9DE7429FFBA0EB9A0A65AC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FEF8DAEA8381C6F4214DFD10FE2F5628
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

O TEMPOLogo do Portal O TEMPOLogo do Portal O TEMPOLogo do Portal O TEMPOLogo do Portal O TEMPOLogo do Portal O TEMPO

Page URL History Show full URLs

http://www.otempo.com.br/ HTTP 301
https://www.otempo.com.br/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

219
Requests

90 %
HTTPS

51 %
IPv6

44
Domains

72
Subdomains

55
IPs

9
Countries

10956 kB
Transfer

17691 kB
Size

54
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/otempo

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=5531988100917

Search URL Search Domain Scan URL

URL: https://www.facebook.com/portalotempo

Search URL Search Domain Scan URL

URL: https://twitter.com/otempo

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/sempre-editora/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/otempo/

Search URL Search Domain Scan URL

URL: https://assine.otempo.com.br/
Title: Assine

Search URL Search Domain Scan URL

URL: https://meu-perfil.otempo.com.br/login?url=https%3A%2F%2Fwww.otempo.com.br%2F
Title: ENTRAR

Search URL Search Domain Scan URL

URL: https://meu-perfil.otempo.com.br/login?url=https://www.otempo.com.br/
Title: ENTRAR

Search URL Search Domain Scan URL

URL: https://www.otempo.com.brhttps//www.otempo.com.br/sports
Title: + o tempo sports

Search URL Search Domain Scan URL

URL: https://webstories.otempo.com.br/web-story/tour-gelado-6-destinos-irresistiveis-para-quem-ama-sorvete/
Title: Tour gelado: locais irresistíveis para quem ama sorvete

Search URL Search Domain Scan URL

URL: https://webstories.otempo.com.br/web-story/projeto-fitness-para-2024-8-erros-que-voce-nao-deve-cometer/
Title: Projeto fitness: 8 erros para você não cometer em 2024

Search URL Search Domain Scan URL

URL: https://webstories.otempo.com.br/web-story/prolapso-da-valvula-mitral-o-que-era-a-doenca-de-joao-carreiro/
Title: Prolapso da Válvula Mitral: o que matou João Carreiro; saiba

Search URL Search Domain Scan URL

URL: https://webstories.otempo.com.br/web-story/tragedia-em-bmw-como-gas-toxico-pode-levar-a-morte/
Title: Tragédia em BMW: como gás tóxico pode levar à morte

Search URL Search Domain Scan URL

URL: https://webstories.otempo.com.br/web-story/quem-e-jamile-lima-influencer-que-estaria-gravida-de-neymar/
Title: Conheça influencer que nega esperar filho de Neymar

Search URL Search Domain Scan URL

URL: https://webstories.otempo.com.br/web-story/bbb-24-fim-do-jogo-da-discordia-veja-principais-mudancas/
Title: BBB 24: Fim do Jogo da Discórdia e muitas mudanças

Search URL Search Domain Scan URL

URL: https://especiais.otempo.com.br/
Title: Mais Conteúdo

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=br.com.emotiondigital.sempre_editora_fix&hl=pt_BR&gl=US

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/sempre-editora-o-tempo-super/id653128999

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.otempo.com.br/ HTTP 301
https://www.otempo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://cm.everesttech.net/cm/dd?d_uuid=33892577743377699883579346569103724422 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZjuSAAAALbSNAOJ

Request Chain 105

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B152808653364D329C4CADEDF562B34A&RedC=c.clarity.ms&MXFR=3F64FC89569F66A51334EF77529F6862 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B152808653364D329C4CADEDF562B34A&MUID=39FB53BC86996F052803404287336E99

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlchghLUg8wN2TG1r_gaFU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlchghLUg8wN2TG1r_gaFU&google_cver=1&C=1

Request Chain 124

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZjuSXXOYchA-UmQGIgjsQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7fdTCFTGF3GYa-96jaO4A&google_cver=1

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPydnAwC_6Q9-wIXYyr3_mc&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPydnAwC_6Q9-wIXYyr3_mc%26google_cver%3D1

Request Chain 126

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQwMzMyNzQxODg5OTUxMjg1OA%3D%3D

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85596790019 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=85596790019&google_gid=CAESEIEP_VdDCXmERPs6zvgtlCw&google_cver=1

Request Chain 142

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=26386598-ee4a-4e00-8127-43427589f5ad

Request Chain 143

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Request Chain 146

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOtypwID-DsPYP2PDpAEUNI&google_cver=1&google_push=AXcoOmRvbbrnzW4-4r0IGgEccbRmOVCtbys2-h_AiOcSbwFbpPEWCFEovm2k530wNGWIlzK6LgOEILzMMOt2ua6-bU3-TJ2NPkg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFIxTllTTFMtOS04VlpH&google_push=AXcoOmRvbbrnzW4-4r0IGgEccbRmOVCtbys2-h_AiOcSbwFbpPEWCFEovm2k530wNGWIlzK6LgOEILzMMOt2ua6-bU3-TJ2NPkg

Request Chain 147

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMMag9td5jbBFegGK4Leeag&google_cver=1&google_push=AXcoOmQW8fMWGLI7X2niPDAqGObwWicaI2-XJFywhfj5UTR8Fqv4vkctdqUepywdWquf8f2rDngQUpL9kyOqS5P1wjzTScdeOVg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMMag9td5jbBFegGK4Leeag&google_hm=ZZjuSXXOYchA_UmQGIgjsQAACHcAAAAB&google_nid=index&google_push=AXcoOmQW8fMWGLI7X2niPDAqGObwWicaI2-XJFywhfj5UTR8Fqv4vkctdqUepywdWquf8f2rDngQUpL9kyOqS5P1wjzTScdeOVg

Request Chain 149

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH6CLhkCIopCF4K2_B1494w&google_cver=1&google_push=AXcoOmSVOZF8EcEOpP29bb0rUGzIPwtnTzj6UD1tYnnNWmE51k1l41AVlBtzqabFd3lmCEwbvzxFgIy1XbtLU1iLIgc4F_biP2w HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSVOZF8EcEOpP29bb0rUGzIPwtnTzj6UD1tYnnNWmE51k1l41AVlBtzqabFd3lmCEwbvzxFgIy1XbtLU1iLIgc4F_biP2w&google_gid=CAESEH6CLhkCIopCF4K2_B1494w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMzEwODA2NTMxMjMxNTk4OTY3NQ%3D%3D&google_push=AXcoOmSVOZF8EcEOpP29bb0rUGzIPwtnTzj6UD1tYnnNWmE51k1l41AVlBtzqabFd3lmCEwbvzxFgIy1XbtLU1iLIgc4F_biP2w

Request Chain 150

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGyPYY5zGE1hbKTaZPuOq_I&google_cver=1&google_push=AXcoOmR26DB3WjiDS81h1bAr8Wxc1QZvtzN8IpP6rAp0du5BB8UhSE_89Fnxwi4pVvAwtDTOcTnn9CPF9ouTkJ6xyxK0e1cg2DI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR26DB3WjiDS81h1bAr8Wxc1QZvtzN8IpP6rAp0du5BB8UhSE_89Fnxwi4pVvAwtDTOcTnn9CPF9ouTkJ6xyxK0e1cg2DI HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFprt5z0xPNtLuaID2Y9U80&google_cver=1

Request Chain 172

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZjuSXXOYchA-UmQGIgjsQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFprt5z0xPNtLuaID2Y9U80&google_cver=1

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAhFmyDnB5CyxHhmIfEMjr8&google_cver=1

Request Chain 174

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2OTkyMTgzOTkyNDk4MjUwMg%3D%3D

Request Chain 213

https://a.tribalfusion.com/i.match?p=b6&u=CAESEB3ZHErQPfVUiqoz66TYlvA&google_cver=1&google_push=AXcoOmSBDGYgxC4ALDRmNPiNSu6kv9A8SiibYKMU-b4ZhzBKm7N9reclZK2Ih7b2hTRb6WaSv6jFJ5Sl6STpiYclPJpu64xhquuU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSBDGYgxC4ALDRmNPiNSu6kv9A8SiibYKMU-b4ZhzBKm7N9reclZK2Ih7b2hTRb6WaSv6jFJ5Sl6STpiYclPJpu64xhquuU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3ZHErQPfVUiqoz66TYlvA&google_cver=1&google_push=AXcoOmSBDGYgxC4ALDRmNPiNSu6kv9A8SiibYKMU-b4ZhzBKm7N9reclZK2Ih7b2hTRb6WaSv6jFJ5Sl6STpiYclPJpu64xhquuU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSBDGYgxC4ALDRmNPiNSu6kv9A8SiibYKMU-b4ZhzBKm7N9reclZK2Ih7b2hTRb6WaSv6jFJ5Sl6STpiYclPJpu64xhquuU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 214

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMxXiIjZFc6logWjr4-uNXc&google_cver=1&google_push=AXcoOmSpi7CNTyY6rbhaqhkzXE5_cjkga51ikDax1PN_VKFJ_4zHAUjra78QoF5U8bb8tZaqUB9eFoQQ2mOl3dqhicegTyqgtSo3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlpqdVNBQUFBTGJTTkFPSg==&google_gid=CAESEMxXiIjZFc6logWjr4-uNXc&google_cver=1&google_push=AXcoOmSpi7CNTyY6rbhaqhkzXE5_cjkga51ikDax1PN_VKFJ_4zHAUjra78QoF5U8bb8tZaqUB9eFoQQ2mOl3dqhicegTyqgtSo3

Request Chain 217

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPV-z5GxZ_Dac2zWdeHrthg&google_cver=1&google_push=AXcoOmTMm9feK6MsFGj5jSdc93Ga8QokDk5BJVK95OfRNNU94Pv1WrpKcJlEBoZbUf_Tp5_xttTuioGyFq-N8goYYtHgZ0Xi6sGZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTMm9feK6MsFGj5jSdc93Ga8QokDk5BJVK95OfRNNU94Pv1WrpKcJlEBoZbUf_Tp5_xttTuioGyFq-N8goYYtHgZ0Xi6sGZ

Request Chain 218

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBNbk37tiCBxT6hIiaoGV2Y&google_cver=1&google_push=AXcoOmSjNCrQ51ZtPt9kfJMReATTcKa1XF1P3GNVGEy7cKGfgyvgGH62MlFZIn-JJxZAMcx1UVRFeSGlkkzPYGWmVfhtRTtZQwWX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMzEwODA2NTMxMjMxNTk4OTY3NQ%3D%3D&google_push=AXcoOmSjNCrQ51ZtPt9kfJMReATTcKa1XF1P3GNVGEy7cKGfgyvgGH62MlFZIn-JJxZAMcx1UVRFeSGlkkzPYGWmVfhtRTtZQwWX

219 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.otempo.com.br/
Redirect Chain

http://www.otempo.com.br/
https://www.otempo.com.br/

3 MB
435 KB

159ms
58ms

Document
text/html

2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

50fc06cd2957894add704f8a84083107be16c1b998e9a18c4e8f2dd4b53b618d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: max-age=150
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sat, 06 Jan 2024 06:08:07 GMT
etag: "2dacb6-e4b4Qf4qokQ19rHXJaiJMjCH/qk"
server: nginx
server-timing: cdn-cache; desc=HIT edge; dur=18 origin; dur=0 ak_p; desc="1704521287536_389027471_176191522_1780_6879_32_68_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 442606 0 pmb=mRUM,2
x-frame-options: SAMEORIGIN

Redirect headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 06 Jan 2024 06:08:07 GMT
Location: https://www.otempo.com.br/
Server: AkamaiGHost
Server-Timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1704521287464_389027504_474096765_12_7082_32_0_-";dur=1

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 80ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&family=Montserrat:wght@400;700&family=Roboto:wght@500&display=swap

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb213ab6002100e2541d3c45d40e0eeb1252f302945f03dd065a242555cfc291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 06 Jan 2024 06:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 06:08:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Jan 2024 06:08:07 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 151ms
86ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c1d9eeddee16418ec4c4451eb9c7b3cfee5e2d312858b0f6dbe9493e4b9ecaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29103
x-xss-protection: 0
server: cafe
etag: 181 / 19728 / m202401020101 / config-hash: 2026918608723226553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 06:08:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
97 KB 120ms
70ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1VXJ83ESPC

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0b7b6dec30f663101b0e78816b18f674caf3225c616cb9c7aed7865a2c224bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98728
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 06:08:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 93ms
43ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F1R8GNWX4Y

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9dffcabaed223f9df1246c3b2588ce04da46953ab281525b087bf3d373c6d005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93930
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 06:08:07 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 127ms
23ms Script
application/x-javascript 2600:9000:2449:ee00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:ee00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:18:42 GMT
content-encoding: gzip
via: 1.1 6c60742ba67aa10b881e511aba8e470a.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: AMS58-P6
age: 38965
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: F2G0SH6qVmqutujIRfKYfmkhasuJE2D3C-PXzLaSo7Z_4buxhVRsEQ==
expires: Sat, 06 Jan 2024 19:18:42 GMT

GET
H2 200 home.js Show response
www.otempo.com.br/plugins/advertising/dfp/ 9 KB
2 KB 161ms
158ms Script
application/javascript 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/plugins/advertising/dfp/home.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

c651d5ed074b026f306c796ec12d61b98c8ba4f0835419338ee0a43fa3fc12ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 19:45:44 GMT
server: nginx
etag: W/"2517-18c1250f240"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=HIT, edge; dur=85, ak_p; desc="1704521287685_389027471_176191530_8915_5784_32_0_219";dur=1
accept-ranges: bytes
content-length: 1908
expires: Sat, 06 Jan 2024 06:08:07 GMT

GET
H2 200 home.js Show response
www.otempo.com.br/plugins/advertising/amazon/ 6 KB
1 KB 146ms
143ms Script
application/javascript 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/plugins/advertising/amazon/home.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4e20688aa8c37d0fedd935bf2b1024d0d9329e6bcbe257c9ba617a4084dcd05e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 19:45:44 GMT
server: nginx
etag: W/"18ec-18c1250f240"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=HIT, edge; dur=84, ak_p; desc="1704521287685_389027471_176191531_8848_5784_32_0_219";dur=1
accept-ranges: bytes
content-length: 840
expires: Sat, 06 Jan 2024 06:08:07 GMT

GET
H2 200 launch-6353dea724a7.min.js Show response
assets.adobedtm.com/be1e741df0ea/96057f3ea139/ 103 KB
34 KB 133ms
30ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/be1e741df0ea/96057f3ea139/launch-6353dea724a7.min.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4d3e264b6d2b9d47f4a5a9699352cd5d008014f59270ded32a1953afe2120078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
content-encoding: gzip
last-modified: Tue, 19 Sep 2023 02:21:19 GMT
server: AkamaiNetStorage
etag: "e90ebb78bc2fa78052063ec468df2a6e:1695090079.388927"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.otempo.com.br
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 34249
expires: Sat, 06 Jan 2024 07:08:07 GMT

GET
H2 200 capaAnchor.js Show response
www.otempo.com.br/plugins/advertising/dfp/ 865 B
686 B 161ms
158ms Script
application/javascript 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/plugins/advertising/dfp/capaAnchor.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5cf80af7e61d02a794ece86ab464c1993141eb80b70697552dc8f4fe29e1f2a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 19:45:44 GMT
server: nginx
etag: W/"361-18c1250f240"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=HIT, edge; dur=85, ak_p; desc="1704521287685_389027471_176191532_8945_5781_32_0_219";dur=1
accept-ranges: bytes
content-length: 287
expires: Sat, 06 Jan 2024 06:08:07 GMT

GET
H2 200 c8b207c.js Show response
www.otempo.com.br/_nuxt/ 7 KB
4 KB 57ms
54ms Script
application/javascript 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/c8b207c.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4df3780f01b2f6c2dfd41f286b828827e4a81aa63d2ec454e168ababdfe4c4aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"1c9e-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287685_389027471_176191533_491_5768_33_0_219";dur=1
accept-ranges: bytes
content-length: 3900
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 22c0450.js Show response
www.otempo.com.br/_nuxt/ 252 KB
87 KB 58ms
55ms Script
application/javascript 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/22c0450.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

42b54426d9bcb7ce0d62264a0c8bcae7f492246b29b31086d31474268d9af49a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"3f0db-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287685_389027471_176191534_495_5743_33_0_219";dur=1
accept-ranges: bytes
content-length: 88328
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 a8494ee.js Show response
www.otempo.com.br/_nuxt/ 537 KB
166 KB 73ms
71ms Script
application/javascript 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/a8494ee.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

ed9a075704a65857f0b9d4865d82e042bd70431de401079d8d71fab1f8ac7a7c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"864c1-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287685_389027471_176191535_498_5708_33_0_219";dur=1
accept-ranges: bytes
content-length: 169314
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 9267378.js Show response
www.otempo.com.br/_nuxt/ 352 KB
76 KB 110ms
108ms Script
application/javascript 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/9267378.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4349ec6ea54dd9e8f7e0a49ded2f6b4192781bc44856ec36c4d8d423907ca4ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"57ff9-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287685_389027471_176191536_497_5707_33_0_219";dur=1
accept-ranges: bytes
content-length: 77108
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 bb1d511.js Show response
www.otempo.com.br/_nuxt/ 330 KB
59 KB 120ms
118ms Script
application/javascript 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/bb1d511.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

87ae44c42e68a7ed868ae9090f863786bc1cff22d6563bf535aaffe3e85a3373

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"52879-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287685_389027471_176191537_499_5742_33_0_219";dur=1
accept-ranges: bytes
content-length: 60211
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 9a4609a.js Show response
www.otempo.com.br/_nuxt/ 22 KB
7 KB 140ms
138ms Script
application/javascript 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/9a4609a.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5471dbed799f7a272bce1c6936d7e95cb535007278307b94d0079314ef89832b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"5709-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287685_389027471_176191538_499_5723_33_0_219";dur=1
accept-ranges: bytes
content-length: 6867
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 87ca754.js Show response
www.otempo.com.br/_nuxt/ 37 KB
11 KB 141ms
139ms Script
application/javascript 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/87ca754.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

95e440153cfe6af91514f6222a4eb89f4bdaee0fbc71bf630165adfd0ccad184

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"9574-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287707_389027471_176191541_647_5705_32_0_219";dur=1
accept-ranges: bytes
content-length: 10704
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 8b7988d.js Show response
www.otempo.com.br/_nuxt/ 32 KB
10 KB 142ms
141ms Script
application/javascript 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/8b7988d.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

b0b4b8d43f073e8b164f246fc61f41b8261c43ad60f101a3ac189d3cbad3b696

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"7f69-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287707_389027471_176191542_650_5675_32_0_219";dur=1
accept-ranges: bytes
content-length: 10336
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 fecd8c1.js Show response
www.otempo.com.br/_nuxt/ 28 KB
4 KB 143ms
142ms Script
application/javascript 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/fecd8c1.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

8a9804250cc0e0039b709e7d32fa3b4bdaadb401b18ac183de9baf87788e2efb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"7186-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287707_389027471_176191543_651_5668_32_0_219";dur=1
accept-ranges: bytes
content-length: 3300
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 otempo.79a9c73.svg
www.otempo.com.br/_nuxt/img/ 4 KB
1 KB 130ms
130ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/otempo.79a9c73.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

0e5e2e0cb02a76fdc1c2b2898474066f73a8fe175de17467cf9481a7c77bf470

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"eed-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287707_389027471_176191544_656_5630_32_0_182";dur=1
accept-ranges: bytes
content-length: 1169
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 sports.d1a7b7e.svg
www.otempo.com.br/_nuxt/img/ 3 KB
2 KB 52ms
47ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/sports.d1a7b7e.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

6d9158a8be907eaaf61aed88a2f3148c8bec552dba99a04cd4d3b39a9930dfc4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"d1b-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287850_389027471_176191570_52_6098_32_0_146";dur=1
accept-ranges: bytes
content-length: 1457
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 fm_o_tempo.41cc727.svg
www.otempo.com.br/_nuxt/img/ 3 KB
1 KB 53ms
48ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/fm_o_tempo.41cc727.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

795ca227b8f9c8f5091681e8b3669218832c62cf19c4badafe112e87276d3e24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"b1d-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287857_389027471_176191571_1050_5930_32_0_146";dur=1
accept-ranges: bytes
content-length: 1122
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 betim.9913804.svg
www.otempo.com.br/_nuxt/img/ 2 KB
1 KB 54ms
49ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/betim.9913804.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

0d068359b0e39d4791c39f6381123db00e5e81ef30c4317347421a221fd39a36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"7f4-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287850_389027471_176191572_48_6134_32_0_146";dur=1
accept-ranges: bytes
content-length: 817
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 super.59b6aaa.svg
www.otempo.com.br/_nuxt/img/ 3 KB
2 KB 55ms
49ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/super.59b6aaa.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

64a5589fa5d5d7ca7d4691fa0ab31f4aacd3544e8287e871585746a29c5a58e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"c88-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287850_389027471_176191573_52_6182_32_0_146";dur=1
accept-ranges: bytes
content-length: 1276
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 politica.b47975a.svg
www.otempo.com.br/_nuxt/img/ 3 KB
2 KB 55ms
50ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/politica.b47975a.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

936a0c43f3d6717d751839d51372407166b21f6ba23efbc7c3bdb60c00bc8874

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"d8e-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287850_389027471_176191574_52_6122_32_0_146";dur=1
accept-ranges: bytes
content-length: 1353
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 cidades.8368097.svg
www.otempo.com.br/_nuxt/img/ 2 KB
1 KB 56ms
51ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/cidades.8368097.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a22ba8ea345fe27744f1d6d544bf31b937234815977423ef68e15470dd5a9976

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"83d-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287850_389027471_176191575_52_6112_32_0_146";dur=1
accept-ranges: bytes
content-length: 932
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 entretenimento.9bb21b3.svg
www.otempo.com.br/_nuxt/img/ 6 KB
2 KB 57ms
52ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/entretenimento.9bb21b3.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f8baeab28817473b280863cba09abd1358c8d5182ea5185ec9ad62aa58e393e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"1730-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287850_389027471_176191576_54_6079_32_0_146";dur=1
accept-ranges: bytes
content-length: 1833
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 ultimas.217b5b4.svg
www.otempo.com.br/_nuxt/img/ 1 KB
1010 B 57ms
52ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/ultimas.217b5b4.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a76fcbfb57b8f54928af0b95230b23d0569a864ba8b508275dd099ed14b00390

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 27 Nov 2023 20:05:25 GMT
server: nginx
etag: W/"522-18c1262f788"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287852_389027471_176191577_366_6126_32_0_146";dur=1
accept-ranges: bytes
content-length: 647
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.png
www.otempo.com.br/image/contentid/policy:1.2863879:1683343231/ 12 KB
13 KB 131ms
131ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2863879:1683343231/image.png?f=&$p$f=aeb1590
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: e74f4f8b944cdb9791942c185f35ef4587c6c3eff02914d55ba1e435118c9f00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Sat, 06 May 2023 03:22:36 GMT
server: Akamai Image Manager
etag: "policy:1.2863879:1683343231"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287707_389027471_176191545_657_6461_32_0_182";dur=1
content-length: 12741
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 otempo.2efc296.png
www.otempo.com.br/_nuxt/img/ 866 B
1 KB 42ms
41ms Image
image/png 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/otempo.2efc296.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

7aad3c528a84c5f8145ab901050c637385dce1619706197cb9a826243def4444

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Thu, 23 Nov 2023 03:18:07 GMT
server: Akamai Image Manager
etag: W/"6a6-18bde79cc30"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287821_389027471_176191560_31_7118_33_0_182";dur=1
content-length: 866
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 cookies.f33c01d.svg
www.otempo.com.br/_nuxt/img/ 33 KB
19 KB 40ms
40ms Image
image/svg+xml 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/cookies.f33c01d.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

63b169efeccc25b559033bcdfd61cd9227aac4b8fa079876408f2948869e7d90

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Fri, 17 Nov 2023 18:10:06 GMT
server: nginx
etag: W/"8254-18bde79cc30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287821_389027471_176191561_28_6200_33_0_182";dur=1
accept-ranges: bytes
content-length: 19404
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpeg
www.otempo.com.br/image/contentid/policy:1.3306887:1704514087/ 28 KB
29 KB 117ms
111ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3306887:1704514087/image.jpeg?f=3x2&q=0.6&$p$f$q=b30a877
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 474337004915dfa671031d9720b4b8d07c1c0d12dcbf10bf236be8dbc6fcdfa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Sat, 06 Jan 2024 04:11:46 GMT
x-serial: 501
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.3306887:1704514087"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=69, ak_p; desc="1704521287849_389027471_176191569_6907_8674_34_0_182";dur=1
content-length: 29112
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.3306357:1704504714/ 16 KB
16 KB 121ms
116ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3306357:1704504714/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 66194230d6b8b17e45f8d94b1773f6f284b5ad967fbb23e4db9376713c2b507e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Sat, 06 Jan 2024 01:58:43 GMT
server: Akamai Image Manager
etag: "policy:1.3306357:1704504714"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=74, ak_p; desc="1704521287850_389027471_176191578_7467_7181_33_0_219";dur=1
content-length: 16478
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2486894:1621362995/ 4 KB
5 KB 83ms
78ms Image
image/webp 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2486894:1621362995/image.jpg?f=1x1&w=600&$p$f$w=0b11e8a
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 5b5f63cf93eb6c705ad674b48e5451f9fbdc156d43f51b9f709eeb878354f3bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Thu, 03 Nov 2022 04:11:59 GMT
server: Akamai Image Manager
etag: "policy:1.2486894:1621362995"
content-type: image/webp
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287865_389027471_176191582_150_10873_32_0_146";dur=1
content-length: 4424
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.png
www.otempo.com.br/image/contentid/policy:1.2406033:1604057327/ 6 KB
7 KB 84ms
79ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2406033:1604057327/image.png?f=1x1&w=600&$p$f$w=c7b8ea8
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 51f85c9bdd957d797de3cffd7aab88e6ed58a762be6dcfdccf7ca5112b60b51f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Fri, 29 Sep 2023 11:44:59 GMT
x-serial: 86
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.2406033:1604057327"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287865_389027471_176191583_147_11612_32_0_146";dur=1
content-length: 6420
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2151207:1552941443/ 3 KB
3 KB 85ms
80ms Image
image/webp 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2151207:1552941443/image.jpg?f=1x1&h=200&$p$f$h=49cc34d
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 41221a11e8ab4ebaf39d229bf38956ff29e080d2a5517f7c86a29e2970823fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Sat, 26 Feb 2022 01:20:45 GMT
x-serial: 1848
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.2151207:1552941443"
content-type: image/webp
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287865_389027471_176191584_156_10793_32_0_146";dur=1
content-length: 2708
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.png
www.otempo.com.br/image/contentid/policy:1.3033645:1689364098/ 3 KB
3 KB 86ms
81ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3033645:1689364098/image.png?f=1x1&w=128&$p$f$w=c7b8ea8
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: c297402d3a50b8f091174ce9afc9190baf0989ddfc69f3fc956d9d2dfc7a8765

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Sat, 15 Jul 2023 17:30:30 GMT
server: Akamai Image Manager
etag: "policy:1.3033645:1689364098"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287865_389027471_176191585_165_10721_32_0_146";dur=1
content-length: 2723
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.png
www.otempo.com.br/image/contentid/policy:1.3033671:1689364397/ 3 KB
3 KB 86ms
82ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3033671:1689364397/image.png?f=1x1&w=128&$p$f$w=c7b8ea8
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 3209a1aae8bf44c9b702fab5d7ec4b5036c7f84f7929b67f63ba73445fe64539

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Fri, 14 Jul 2023 19:54:10 GMT
x-serial: 989
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.3033671:1689364397"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287865_389027471_176191586_167_10704_32_0_146";dur=1
content-length: 2721
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.png
www.otempo.com.br/image/contentid/policy:1.3214382:1692892400/ 2 KB
2 KB 87ms
83ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3214382:1692892400/image.png?f=1x1&w=128&$p$f$w=c7b8ea8
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: b5597971118118498992ca93621cfafbd2df0f99f1f0810c892bd4e1caf1937d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Thu, 24 Aug 2023 19:07:46 GMT
x-serial: 661
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.3214382:1692892400"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287865_389027471_176191587_179_10676_32_0_146";dur=1
content-length: 2167
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.PNG
www.otempo.com.br/image/contentid/policy:1.3232302:1694538111/ 1 KB
1 KB 87ms
83ms Image
image/webp 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3232302:1694538111/image.PNG?f=1x1&w=128&$p$f$w=21cb318
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: c91351f65833b2e89fa1c4c012b4b8a5fb6ac8c3d19315f9deca4c72c70838e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Tue, 12 Sep 2023 17:03:21 GMT
server: Akamai Image Manager
etag: "policy:1.3232302:1694538111"
content-type: image/webp
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287865_389027471_176191588_175_10641_32_0_146";dur=1
content-length: 1072
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpeg
www.otempo.com.br/image/contentid/policy:1.3221193:1695340471/ 2 KB
2 KB 88ms
84ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3221193:1695340471/image.jpeg?f=1x1&w=128&$p$f$w=484fc3a
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 75a010273b781ec393dafd5290ad3eabec474f7e248c4cc868e8d76a1128d348

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Thu, 21 Sep 2023 23:58:17 GMT
server: Akamai Image Manager
etag: "policy:1.3221193:1695340471"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287865_389027471_176191589_181_10584_32_0_146";dur=1
content-length: 2204
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.png
www.otempo.com.br/image/contentid/policy:1.3273644:1699884329/ 2 KB
3 KB 89ms
85ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3273644:1699884329/image.png?f=1x1&w=128&$p$f$w=c7b8ea8
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 56736a0f5369b9ee213d66b858c368cf0f22ffd9b7bac706ff29c26125dc4431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Mon, 13 Nov 2023 14:10:47 GMT
x-serial: 1666
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.3273644:1699884329"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287865_389027471_176191590_185_10555_32_0_146";dur=1
content-length: 2267
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.png
www.otempo.com.br/image/contentid/policy:1.3269976:1699374772/ 3 KB
3 KB 89ms
85ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3269976:1699374772/image.png?f=1x1&w=128&$p$f$w=c7b8ea8
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 60a1e3a892a4aeb05804d5a739e9502616219559482357ed4a74caa8ddef73f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Tue, 07 Nov 2023 19:48:13 GMT
server: Akamai Image Manager
etag: "policy:1.3269976:1699374772"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287865_389027471_176191591_218_10333_32_0_146";dur=1
content-length: 3028
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2486898:1621363332/ 2 KB
2 KB 90ms
86ms Image
image/webp 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2486898:1621363332/image.jpg?f=1x1&w=128&$p$f$w=0b11e8a
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 00964050fc1aec50f8dbfec60fd6b6a846c3918d2420118516cf08c7591335f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Sat, 26 Feb 2022 00:46:57 GMT
server: Akamai Image Manager
etag: "policy:1.2486898:1621363332"
content-type: image/webp
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287865_389027471_176191592_190_10509_32_0_146";dur=1
content-length: 1892
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.3306858:1704505932/ 28 KB
28 KB 145ms
141ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3306858:1704505932/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: d988c57783761b485bce7d414b53ba7adee025269218aa7cd9b79802d63a4672

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Sat, 06 Jan 2024 01:58:45 GMT
server: Akamai Image Manager
etag: "policy:1.3306858:1704505932"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=81, ak_p; desc="1704521287865_389027471_176191593_8311_10527_32_0_146";dur=1
content-length: 28845
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpeg
www.otempo.com.br/image/contentid/policy:1.2468318:1704486289/ 26 KB
26 KB 118ms
114ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2468318:1704486289/image.jpeg?f=3x2&q=0.6&$p$f$q=b30a877&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 6a4eb2856062a6cf65d1a376d06abe39a9bcdcf6644cd1feae9cea8419f5b11b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Fri, 05 Jan 2024 23:19:11 GMT
server: Akamai Image Manager
etag: "policy:1.2468318:1704486289"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=53, ak_p; desc="1704521287865_389027471_176191594_5482_10486_33_0_146";dur=1
content-length: 26158
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.3306773:1704509362/ 10 KB
10 KB 161ms
157ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3306773:1704509362/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 98686c05c874d1b1267dd4ca23046a8080ace89f2b65880af0d6ad9b845c4d00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Sat, 06 Jan 2024 03:12:09 GMT
server: Akamai Image Manager
etag: "policy:1.3306773:1704509362"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=97, ak_p; desc="1704521287865_389027471_176191595_9900_10469_33_0_146";dur=1
content-length: 10016
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.JPG
www.otempo.com.br/image/contentid/policy:1.3306648:1704490664/ 37 KB
38 KB 90ms
87ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3306648:1704490664/image.JPG?f=3x2&q=0.6&$p$f$q=72a5f24&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 9f70c94797aa9dad8de8ca598ae049ca3e39582899e5fc5154dc81b8765f119b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Fri, 05 Jan 2024 21:46:17 GMT
server: Akamai Image Manager
etag: "policy:1.3306648:1704490664"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287865_389027471_176191596_258_11373_32_0_146";dur=1
content-length: 38286
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2342482:1704479304/ 42 KB
42 KB 91ms
88ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2342482:1704479304/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: a31906750d870e54250a4121055bb87b320ddc8d02ca8ffd4c91953535aae6c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Fri, 05 Jan 2024 18:29:26 GMT
server: Akamai Image Manager
etag: "policy:1.2342482:1704479304"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287865_389027471_176191597_236_10380_32_0_146";dur=1
content-length: 42716
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpeg
www.otempo.com.br/image/contentid/policy:1.3306249:1704475821/ 20 KB
21 KB 93ms
90ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3306249:1704475821/image.jpeg?f=3x2&q=0.6&$p$f$q=b30a877&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 5bd490ba54c09f9a7d15722160667419324ba780747355d5c87d758680a80b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Fri, 05 Jan 2024 18:19:16 GMT
x-serial: 1547
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.3306249:1704475821"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287877_389027471_176191598_1751_9155_33_0_146";dur=1
content-length: 20828
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.3306881:1704510030/ 21 KB
22 KB 94ms
91ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3306881:1704510030/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 07eb11875bc1592e487b2d1e5da0594a81fa544ebb33fc966250684daa51f2c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Sat, 06 Jan 2024 03:12:21 GMT
x-serial: 243
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.3306881:1704510030"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287877_389027471_176191599_1832_8418_33_0_146";dur=1
content-length: 21710
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpeg
www.otempo.com.br/image/contentid/policy:1.3306795:1704500156/ 21 KB
21 KB 183ms
180ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3306795:1704500156/image.jpeg?f=3x2&q=0.6&$p$f$q=b30a877&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 902cfad560ee84d5dc8b661ca8c0bdcf46ded72f049def89270fe12e9a247d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Sat, 06 Jan 2024 01:58:43 GMT
server: Akamai Image Manager
etag: "policy:1.3306795:1704500156"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=110, ak_p; desc="1704521287878_389027471_176191600_12842_7932_32_0_146";dur=1
content-length: 21115
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.1737361:1704471288/ 19 KB
20 KB 95ms
92ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.1737361:1704471288/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: e288b1c4b877eb64f60121b0aee5c84574b52ef3c48b0bbe023558e4fb3feb98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Fri, 05 Jan 2024 16:34:24 GMT
x-serial: 15
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.1737361:1704471288"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287878_389027471_176191601_1933_7484_33_0_146";dur=1
content-length: 19648
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2422776:1704325739/ 8 KB
9 KB 96ms
93ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2422776:1704325739/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 3391161336f535a5ff4f2aedb1e54ab211e2f7812ca778dad1735b9505d231bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Wed, 03 Jan 2024 23:50:53 GMT
server: Akamai Image Manager
etag: "policy:3.2422776:1704325739"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287878_389027471_176191602_1981_7389_33_0_146";dur=1
content-length: 8572
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2422770:1704324881/ 9 KB
10 KB 96ms
93ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2422770:1704324881/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 3faaf773caf8fea260664c4dfad9004348e5081516252c7a3e0be0d1ada4be24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Wed, 03 Jan 2024 23:48:01 GMT
server: Akamai Image Manager
etag: "policy:3.2422770:1704324881"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287878_389027471_176191603_2010_7333_33_0_146";dur=1
content-length: 9587
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2422762:1704323805/ 11 KB
12 KB 97ms
94ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2422762:1704323805/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 01a42fcc183a758043a55b191cb08f1a101ef2040216960e364847516482d3f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Wed, 03 Jan 2024 23:17:48 GMT
x-serial: 722
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:3.2422762:1704323805"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287878_389027471_176191604_1978_7360_33_0_146";dur=1
content-length: 11559
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2422766:1704323827/ 7 KB
8 KB 97ms
95ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2422766:1704323827/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: e10e4a5c59d67a39b4def4ec0ae394f63b26fc4964b631730b94ec069c2f7345

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Wed, 03 Jan 2024 23:17:52 GMT
server: Akamai Image Manager
etag: "policy:3.2422766:1704323827"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287878_389027471_176191605_1998_7292_33_0_146";dur=1
content-length: 7548
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2422764:1704323819/ 7 KB
7 KB 98ms
96ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2422764:1704323819/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 6baaade98569e7808d545deb501c9ea511e5a817be0dd3667480022c64f7a589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Wed, 03 Jan 2024 23:17:56 GMT
x-serial: 1230
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:3.2422764:1704323819"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287878_389027471_176191606_1993_7624_33_0_146";dur=1
content-length: 6903
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2422768:1704323845/ 8 KB
8 KB 103ms
100ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2422768:1704323845/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: e02e89d7dfa3ab15773597c97787efeb9895f54e43d1088b158bd4475ee9f6fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Wed, 03 Jan 2024 23:17:58 GMT
x-serial: 233
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:3.2422768:1704323845"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=22, ak_p; desc="1704521287887_389027471_176191607_5207_8459_34_0_146";dur=1
content-length: 8087
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2422531:1704239513/ 10 KB
10 KB 98ms
96ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2422531:1704239513/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: d879f00f9bf513149bfd9603f0944508c537698d3c77bf499153fe4111a84228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Tue, 02 Jan 2024 23:56:09 GMT
server: Akamai Image Manager
etag: "policy:3.2422531:1704239513"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704521287878_389027471_176191608_2018_7591_33_0_146";dur=1
content-length: 10379
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2422518:1704234696/ 9 KB
9 KB 103ms
101ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2422518:1704234696/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: a30df51bcb6a32bdbb92abf6b9129c3ce91b0d730158a3803debd8ea355c9333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
last-modified: Tue, 02 Jan 2024 22:39:28 GMT
server: Akamai Image Manager
etag: "policy:3.2422518:1704234696"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=29, ak_p; desc="1704521287878_389027471_176191609_4854_8302_34_0_146";dur=1
content-length: 9398
expires: Mon, 05 Feb 2024 06:08:07 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 117ms
20ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/plugins/advertising/amazon/home.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 05:13:13 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 3295
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: ix2N1H_0wkiooAK2xK8a9B33TYpyfGVq-VMyDPKRBwddiwRsXHB5cg==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 120ms
21ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 13 Jan 2024 06:08:07 GMT

GET
H2 200 hc3hij1thq Show response
www.clarity.ms/tag/ 1 KB
1 KB 188ms
109ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/hc3hij1thq
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a2e6b8e6ffa69e5e2ce0da148a7ee9b316f8fd0385ba48f0f1de64518ac3c3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: -1
date: Sat, 06 Jan 2024 06:08:08 GMT
x-azure-ref: 20240106T060807Z-mbp4tx026x0ff1tm1xtrfrv4e800000002qg000000004r6w
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1066
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 SC47L-4MK55-7NYMX-JHS4F-UX8KX Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 65ms
20ms Script
application/javascript 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/SC47L-4MK55-7NYMX-JHS4F-UX8KX
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:07 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Tue, 19 Dec 2023 07:51:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
DATA 200
OK truncated
/ 733 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5286854173e8ebfa92c3226b7df7499754974e6c8a13f85073b413b2a5c4b984

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 754 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdfc3cc939b03ea51378d2dbdeb7ff9d7bdeda9189f45c6e48cff4724b4171f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:19:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24499
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 04 Jan 2025 23:19:48 GMT

GET
H2 200 image.jpeg
www.otempo.com.br/image/contentid/policy:1.3306690:1704505085/ 13 KB
13 KB 268ms
268ms Image
image/avif 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.3306690:1704505085/image.jpeg?f=3x2&q=0.6&$p$f$q=b30a877
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 498ce3c53934f9d6bed02c83c42badefda006bcb9b3db3b8319b93290d8a4efd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:08 GMT
last-modified: Sat, 06 Jan 2024 01:58:45 GMT
server: Akamai Image Manager
etag: "policy:1.3306690:1704505085"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=202, origin; dur=0, ak_p; desc="1704521287904_389027471_176191611_20415_9251_38_0_219";dur=1
content-length: 13438
expires: Mon, 05 Feb 2024 06:08:08 GMT

GET
DATA 200
OK truncated
/ 593 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c88a0057945c8339c3a7f8d03427f7f8ef7b3dfdb3c8488c763a807d9aaa7b1e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 88ms
20ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 06:08:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54345
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Qk8E+7vevjFasyReg05N0VicepChuWs30Og6qh5fjKUCGmFopPFbeKQeHq8gzX277qIs3YlDi/9jGyp/iy40PA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ 9 KB
825 B 65ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700;800&family=Montserrat:wght@400;700;800&family=Roboto:wght@500&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

899f8bf417ac18c7817e643f1d50d1e5aee2be2307db4f4124f49c345113a10d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 06 Jan 2024 06:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 06 Jan 2024 06:08:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Jan 2024 06:08:08 GMT

GET
H2 200 rules-p-UNeVmbpyHA1tL.js Show response
rules.quantcount.com/ 160 B
644 B 94ms
34ms Script
application/javascript 2600:9000:20c3:5000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-UNeVmbpyHA1tL.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:5000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e628e44c6c55b106b85f27aa1e47edd3665d8f406585c7c75ff1e23bd0970abe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:08 GMT
via: 1.1 6f5ba49c3df973a476d63dbb743d9b22.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 244
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 15 Sep 2023 14:50:11 GMT
server: AmazonS3
etag: "b87e37628fed805ab768cb2019b49fb4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: M_kxJneHstbXqTb07wPh_qbaMcxdd-j9azDeaZQlvM4ZGlvolBDdVg==

GET
H2 200 id Show response
dpm.demdex.net/ 372 B
920 B 153ms
45ms XHR
application/json 52.208.197.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=7AB02190639B302E0A495FA4%40AdobeOrg&d_nsid=0&ts=1704521288123

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/be1e741df0ea/96057f3ea139/launch-6353dea724a7.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.208.197.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-197-4.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a97ef0953444b9262c00201a2e9abf7e02c658a4edcdd5e2555e4757dec96aff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.otempo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v054-0de8db4a5.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sat, 06 Jan 2024 06:08:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: TnJ3l59rRjE=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 312
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 34 KB
13 KB 34ms
34ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/be1e741df0ea/96057f3ea139/launch-6353dea724a7.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:08 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 05:33:26 GMT
server: AkamaiNetStorage
etag: "208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12687
expires: Sat, 06 Jan 2024 07:08:08 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 3 KB
2 KB 39ms
39ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/be1e741df0ea/96057f3ea139/launch-6353dea724a7.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:08 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 05:33:26 GMT
server: AkamaiNetStorage
etag: "f1e098a5dd836ea5fc9726c429c8d71d:1694496806.740373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Sat, 06 Jan 2024 07:08:08 GMT

GET
H2 200 ee79b9e9-a905-4adf-925b-211c64726bba Show response
config.aps.amazon-adsystem.com/configs/ 564 B
840 B 108ms
26ms Script
application/javascript 108.138.36.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/ee79b9e9-a905-4adf-925b-211c64726bba
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-117.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 96fa88ea563eb3fdaef309ef8d8227ddc5379e87db2745d6a26e328b0a854599

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 05:23:23 GMT
via: 1.1 beaace02cc7004781239800a1c484ca0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
age: 2685
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: 69MHSIxtd8seiKO0SXMHaEYTBqqDLnVUKdEC-U5vJp60b8dd8XmryQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
313 B 20ms
19ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.otempo.com.br&pubid=ee79b9e9-a905-4adf-925b-211c64726bba
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:00:51 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 7637
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.otempo.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: bwjVpHUpLgVxXry-fwDhxhUYHEdzM_JTOokxvWtqYbgpluWF2T7Fgg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
466 B 146ms
59ms XHR
text/javascript 52.222.253.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.otempo.com.br%2F&pid=7VfeZbWiMvpGz&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22capa_topo_header%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_topo_header%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_0%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_2%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_3%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_4%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_5%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_6%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_7%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_8%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_9%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_100%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_200%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_300%22%2C%22s%22%3A%5B%22728x90%22%2C%22980x250%22%2C%22970x90%22%2C%22970x250%22%2C%221190x250%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots%22%7D%2C%7B%22sd%22%3A%22capa_half_page%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_half_page%22%7D%2C%7B%22sd%22%3A%22capa_bloco_anchor%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_bloco_anchor%22%7D%2C%7B%22sd%22%3A%22capa_entre_slots_mobile_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F14159828%2Fhome%2Fcapa_entre_slots_mobile%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=ee79b9e9-a905-4adf-925b-211c64726bba&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.253.136 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-253-136.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:08 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: QV10DV34YYMXT528YSRX
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: DSv1KVNxjJxF3GRiuyUmToKzUJytjuUQqZEnfYqcAzilI8QBjfFMhQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 59ms
19ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
date: Sat, 06 Jan 2024 05:43:38 GMT
x-amz-cf-pop: FRA56-P6
age: 3556
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: WV5UtbQidmaZullw0llXwSoWIA3arW8XKW7P3RNsANW1AvyTrvJEFg==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 74ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1VXJ83ESPC&gtm=45je4130v883286285&_p=1704521287821&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1132499905.1704521288&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704521288&sct=1&seg=0&dl=https%3A%2F%2Fwww.otempo.com.br%2F&dt=O%20TEMPO&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=965
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1VXJ83ESPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 82ms
27ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1VXJ83ESPC&cid=1132499905.1704521288&gtm=45je4130v883286285&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1VXJ83ESPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 78ms
31ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1VXJ83ESPC&cid=1132499905.1704521288&gtm=45je4130v883286285&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=508219437

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 69ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F1R8GNWX4Y&gtm=45je4130v9130089172&_p=1704521287821&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1132499905.1704521288&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704521288&sct=1&seg=0&dl=https%3A%2F%2Fwww.otempo.com.br%2F&dt=O%20TEMPO&en=page_view&_fv=1&_ss=1&_ee=1&tfd=976
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F1R8GNWX4Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 37ms
36ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hc3hij1thq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:08 GMT
content-encoding: br
last-modified: Wed, 03 Jan 2024 15:51:12 GMT
etag: W/"0x8DC0C73CFCC02AC"
vary: Accept-Encoding
x-azure-ref: 20240106T060808Z-mbp4tx026x0ff1tm1xtrfrv4e800000002qg000000004r7c
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 927452cc-301e-003f-37f1-3ee678000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 85ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;800&family=Montserrat:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.otempo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 15:36:20 GMT
x-content-type-options: nosniff
age: 397908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 15:36:20 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 93ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;800&family=Montserrat:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.otempo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:48:33 GMT
x-content-type-options: nosniff
age: 116375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 21:48:33 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 62ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;800&family=Montserrat:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.otempo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 390844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 17:34:04 GMT

GET
H2 200 pixel;r=1667813981;rf=0;a=p-UNeVmbpyHA1tL;url=https%3A%2F%2Fwww.otempo.com.br%2F;uh=81c0d3b50c3c83d9cad72a173add36d5727ac0395bd9764828b907839d73389c;uht=0;fpan=1;fpa=P0-966410739-1704521288117;pbc=...
pixel.quantserve.com/ 35 B
372 B 50ms
21ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1667813981;rf=0;a=p-UNeVmbpyHA1tL;url=https%3A%2F%2Fwww.otempo.com.br%2F;uh=81c0d3b50c3c83d9cad72a173add36d5727ac0395bd9764828b907839d73389c;uht=0;fpan=1;fpa=P0-966410739-1704521288117;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=otempo.com.br;dst=1;et=1704521288262;tzo=-60;ogl=title.O%20TEMPO%20-%20Not%C3%ADcias%2Cdescription.Clique%20para%20conferir%20no%20portal%20do%20Jornal%20O%20Tempo%252C%20de%20Belo%20Horizonte%252C%20em%20Minas%20Ge%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Eotempo%252Ecom%252Ebr%2F%2Clocale.pt_BR;ses=fd490d5b-6e01-4ee7-b43f-7ee4f27ae491;mdl=

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 29ms
29ms Script
application/x-javascript 2600:9000:2449:ee00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/_nuxt/9267378.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2449:ee00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 17:35:35 GMT
content-encoding: gzip
via: 1.1 6c60742ba67aa10b881e511aba8e470a.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: AMS58-P6
age: 45153
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: iqNZJ6fU9TVn7Es6BvVrDr1p32mu7Ar-xjY57Nbc-PikYoCDaDw6Vw==
expires: Sat, 06 Jan 2024 17:35:35 GMT

GET
H2 200 mais-lidas-1.1431203 Show response
www.otempo.com.br/cmlink/ 111 KB
28 KB 213ms
213ms Fetch
text/xml 2a02:26f0:3500:12::1730:178f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.otempo.com.br/cmlink/mais-lidas-1.1431203
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/_nuxt/bb1d511.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:178f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9902ffa931c87416ab009209fcd6cc13e076b940d56ba0f5d6a08de1e5802512

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:08 GMT
content-encoding: gzip
referrer-policy: origin
server: nginx
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=MISS, edge; dur=15, origin; dur=157, ak_p; desc="1704521288480_389027471_176191702_17214_8162_35_0_219";dur=1
content-length: 28456
expires: Sat, 06 Jan 2024 06:08:08 GMT

GET
H2 200 6157506134366228 Show response
connect.facebook.net/signals/config/ 131 KB
35 KB 103ms
103ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/6157506134366228?v=2.9.139&r=stable&domain=www.otempo.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a1ae50a3e9fb8aeec65b9a1e6a14b2bd87566352d0644f75291221e942394689

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 Jan 2024 06:08:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: eNJetM+HdtAwRzBrujO+rbbbiSgr4pVho2ZpTSWUXhPBSNojpEpQAbEfyqp9FgKGV5cHUBurexIsNPQ+sxgoUw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dest5.html Show response
sempreeditora.demdex.net/ Frame B627 7 KB
3 KB 65ms
43ms Document
text/html 52.208.197.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sempreeditora.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/be1e741df0ea/96057f3ea139/launch-6353dea724a7.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.208.197.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-197-4.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.otempo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 06 Jan 2024 06:08:08 GMT
dcs: dcs-prod-irl1-1-v054-026f8435a.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 8 Nov 2023 20:59:55 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: yYOCOQLPQYg=

GET
H2

200

ibs:dpid=411&dpuuid=ZZjuSAAAALbSNAOJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=33892577743377699883579346569103724422
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZjuSAAAALbSNAOJ

42 B
719 B

44ms
44ms

Image
image/gif

52.208.197.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZjuSAAAALbSNAOJ

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Server

52.208.197.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-197-4.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-083ffdefc.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Sat, 06 Jan 2024 06:08:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 8t5R+tEjTF8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZZjuSAAAALbSNAOJ
Date: Sat, 06 Jan 2024 06:08:08 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 705 B
389 B 65ms
65ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2229837715234212&correlator=1644637888854086&eid=31080124%2C31080115%2C21065725&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=14159828%2Chome%2Ccapa_outofpage_background&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=2555338690&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704521288600&lmt=1704521288&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.otempo.com.br%2F&vis=1&psz=0x-1&msz=0x-1&fws=640&ohw=0&ga_vid=1132499905.1704521288&ga_sid=1704521289&ga_hid=185631269&ga_fc=true&dlt=1704521287643&idt=382&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse%26position%3Doutofpage_background&cust_params=empresa%3Dcapa&adks=3069691123&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17d359ba4a62b0d1b841d49aeb19f2319c3eff5d5f235aab415d97d9a7bed9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 359
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B62 6 KB
3 KB 121ms
28ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 06:08:08 GMT
expires: Sun, 05 Jan 2025 06:08:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 129 KB
46 KB 362ms
362ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2229837715234212&correlator=1644637888854086&eid=31080124%2C31080115%2C21065725&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=14159828%2Chome%2Ccapa_entre_slots&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C980x250%7C970x90%7C970x250%7C1190x250&ifi=2&didk=4148063781&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704521288707&lmt=1704521288&adxs=436&adys=4164&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.otempo.com.br%2F&vis=1&psz=1248x256&msz=728x256&fws=0&ohw=0&ga_vid=1132499905.1704521288&ga_sid=1704521289&ga_hid=185631269&ga_fc=true&dlt=1704521287643&idt=382&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse%26position%3Dcapa_entre_slots_0%26amznbid%3D2%26amznp%3D2&cust_params=empresa%3Dcapa&adks=119797043&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e8a77bedbd6394c2b1714c073f73efefad304a3246327508cfdefb9faa7fbb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46773
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 576ms
576ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2229837715234212&correlator=1644637888854086&eid=31080124%2C31080115%2C21065725&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=14159828%2Chome%2Ccapa_half_page&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600%7C160x600&ifi=3&didk=450740475&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704521288711&lmt=1704521288&adxs=1124&adys=1906&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.otempo.com.br%2F&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&ga_vid=1132499905.1704521288&ga_sid=1704521289&ga_hid=185631269&ga_fc=true&dlt=1704521287643&idt=382&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse%26position%3Dcapa_half_page%26amznbid%3D2%26amznp%3D2&cust_params=empresa%3Dcapa&adks=975731976&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7baf6f85b479631cd9c7403f1b7d4de912759c346eee4651120688dc99ae4bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11997
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
12 KB 817ms
817ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2229837715234212&correlator=1644637888854086&eid=31080124%2C31080115%2C21065725&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=14159828%2Chome%2Ccapa_entre_slots&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C980x250%7C970x90%7C970x250%7C1190x250&ifi=4&didk=1269400056&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704521288714&lmt=1704521288&adxs=436&adys=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.otempo.com.br%2F&vis=1&psz=1248x256&msz=728x256&fws=0&ohw=0&ga_vid=1132499905.1704521288&ga_sid=1704521289&ga_hid=185631269&ga_fc=true&dlt=1704521287643&idt=382&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse%26position%3Dcapa_entre_slots_100%26amznbid%3D2%26amznp%3D2&cust_params=empresa%3Dcapa&adks=981097698&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b44db8de252974ea42b28acf236afca7617cd4b164a905d9d9bc6185f0216bef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11861
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 564 B
321 B 831ms
831ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2229837715234212&correlator=1644637888854086&eid=31080124%2C31080115%2C21065725&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=14159828%2Chome%2Ccapa_minas_sa_oferecimento&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&didk=3952511041&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704521288715&lmt=1704521288&adxs=1285&adys=1447&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.otempo.com.br%2F&vis=1&psz=279x0&msz=0x0&fws=0&ohw=0&ga_vid=1132499905.1704521288&ga_sid=1704521289&ga_hid=185631269&ga_fc=true&dlt=1704521287643&idt=382&prev_scp=position%3Dcapa_minas_sa_oferecimento&cust_params=empresa%3Dcapa&adks=933870640&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ad19013b225422e85a4c811b929bc8bcacfc4cd955b905d7448ac960127971e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 1133ms
1132ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2229837715234212&correlator=1644637888854086&eid=31080124%2C31080115%2C21065725&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=14159828%2Chome%2Ccapa_topo_header&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C980x250%7C970x90%7C970x250%7C1190x250&ifi=6&didk=1125125394&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704521288717&lmt=1704521288&adxs=436&adys=256&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.otempo.com.br%2F&vis=1&psz=1248x0&msz=728x0&fws=0&ohw=0&ga_vid=1132499905.1704521288&ga_sid=1704521289&ga_hid=185631269&ga_fc=true&dlt=1704521287643&idt=382&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse%26position%3Dcapa_topo_header%26ambiente%3Dotempo%26amznbid%3D2%26amznp%3D2&cust_params=empresa%3Dcapa&adks=1992981104&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8af5d3a0092e3efacdd37125f3b9c91a4d1e411b0425667091360c04c28862d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13367
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 459ms
113ms Image
image/gif 34.235.12.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=otempo.com.br&p=%2F&u=Cw3afeBYb8_CDZvCg7&d=otempo.com.br&g=66040&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=16152&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.otempo.com.br%2F&b=1511&t=DvWFP7D89VuCgKQ7FD2eYuPBVuH_D&V=143&i=O%20TEMPO&tz=-60&sn=1&sv=gcEsuDnEug236s_WH676BJfSDa&sr=external&sd=1&im=067b0fff&_
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.12.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-12-81.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 s67332022598740
sempre.sc.omtrdc.net/b/ss/sempreeditora-portalotempo-prod/1/JS-2.25.0-LDQM/ 43 B
345 B 108ms
33ms Image
image/gif 63.140.62.22
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sempre.sc.omtrdc.net/b/ss/sempreeditora-portalotempo-prod/1/JS-2.25.0-LDQM/s67332022598740?AQB=1&ndh=1&pf=1&t=6%2F0%2F2024%207%3A8%3A8%206%20-60&mid=24445598298132452264560380014967109800&aamlh=6&ce=UTF-8&pageName=Home&g=https%3A%2F%2Fwww.otempo.com.br%2F&cc=USD&ch=Home&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=Home&v2=Home&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=7AB02190639B302E0A495FA4%40AdobeOrg&AQE=1

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.22 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-22.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 07 Jan 2024 06:08:08 GMT
server: jag
etag: 3660431594359029760-4617935149698737680
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 05 Jan 2024 06:08:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 65ms
19ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=6157506134366228&ev=PageView&dl=https%3A%2F%2Fwww.otempo.com.br%2F&rl=&if=false&ts=1704521288805&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.2.1704521288804.1391405797&ler=empty&it=1704521288565&coo=false&rqm=GET

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 06 Jan 2024 06:08:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 204
No Content config.json Show response
c.go-mpulse.net/api/ 0
176 B 97ms
57ms XHR
application/json 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=SC47L-4MK55-7NYMX-JHS4F-UX8KX&d=www.otempo.com.br&t=5681738&v=1.720.0&sl=0&si=e5cc37dd-f140-42cc-b4b3-4633567eacfb-s6tt1j&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=752979
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SC47L-4MK55-7NYMX-JHS4F-UX8KX
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 06 Jan 2024 06:08:08 GMT
Connection: keep-alive
Timing-Allow-Origin: *
Content-Type: application/json

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
297 B 395ms
120ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.otempo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.otempo.com.br
Date: Sat, 06 Jan 2024 06:08:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B152808653364D329C4CADEDF562B34A&RedC=c.clarity.ms&MXFR=3F64FC89569F66A51334EF77529F6862
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B152808653364D329C4CADEDF562B34A&MUID=39FB53BC86996F052803404287336E99

42 B
442 B

44ms
44ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B152808653364D329C4CADEDF562B34A&MUID=39FB53BC86996F052803404287336E99
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
last-modified: Tue, 12 Dec 2023 19:03:29 GMT
server: Microsoft-IIS/10.0
etag: "e8d91e42d2dda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 15996B910EC94E019F1E14DBEE739386 Ref B: DUS30EDGE0706 Ref C: 2024-01-06T06:08:09Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B152808653364D329C4CADEDF562B34A&MUID=39FB53BC86996F052803404287336E99
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 111ms
65ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

797bfe04734dbc52bb035401b32145bb3840b401b80ca5456e4a55c7855ca7d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12353
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
69 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/_nuxt/9267378.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfcad1de785fffe942b79cee1dbda805556539c8934aed4327addfb843137096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70879
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 06 Jan 2024 06:08:09 GMT

GET
H2 200 ivc.js Show response
gadasource.storage.googleapis.com/ 71 KB
24 KB 92ms
18ms Script
text/plain 2a00:1450:4001:827::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gadasource.storage.googleapis.com/ivc.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 05:24:28 GMT
content-encoding: gzip
age: 2621
x-guploader-uploadid: ABPtcPppEZ4Mmdew9mHzK5Ag0WaK_C7oIPG4GLWXt808tqyp728WIEryzx_ZRfLLwa4mEKcQFik
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24321
last-modified: Mon, 02 Sep 2019 19:50:51 GMT
server: UploadServer
etag: "cdaa61cbc24c48191196b45b31a7e18b"
vary: Accept-Encoding
x-goog-generation: 1567453851562424
x-goog-hash: crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
content-type: text/plain
cache-control: public, max-age=3600
x-goog-stored-content-length: 24321
accept-ranges: bytes
expires: Sat, 06 Jan 2024 06:24:28 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 88ms
30ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 3350
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8411c8ea7f533639-FRA
expires: Sat, 06 Jan 2024 06:12:18 GMT

GET
H2 200 container.html Show response
f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0799 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 06:08:08 GMT
expires: Sun, 05 Jan 2025 06:08:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B49F 624 B
577 B 107ms
58ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYjsHx0wEwAQ&v=APEucNXoIOSFOe5H2UX8l2AM2tVZb-5dHADYG6KKQRBoaKrgtaLgOPTMTXHAk1L_YmjCZzGI7BALNN2VXP92mZHQz5s7OQEIqacCXzglT-EGX2JTwUA2taBgi-meagp6HW4eHnhuMs2rKsvQrZq9DeibGk-bhT_N52nC-BzRTwZQ0ceNUoSjNS4

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 06:08:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0799 89 KB
31 KB 218ms
169ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 06:08:09 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0799 42 B
401 B 104ms
55ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BnMlGwquGLt4DZ9vGY3ixMMaMRIgQvZ2U_mKxUGb5PujklnnyQAfAfY4Dr_rX9bjp8f0zYCQS3X5Ft6ctVmEmvMqdYAAIbQfE0yhYv3xlgaW1BF0M

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 0799 3 KB
1 KB 78ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 15:03:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 15:03:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 0799 20 KB
9 KB 76ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 10:12:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0799 0
0 76ms
28ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGBbx3B0PmEgDj22Luz9zu3pC7vkG3uEHiLsxpl9EOShJVeg_NXkWpScuwntBs1TVj1JbgOojn0rXy63fpVSm6HbfbYQ
Requested by: Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0799 204 KB
65 KB 81ms
33ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 06:08:09 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 82ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 06:08:09 GMT

GET
H2 200 67531 Show response
tag.navdmp.com/u/ 616 B
524 B 149ms
148ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/67531
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 768b0b2946f231db309560d2478dc1110b09104d5f721020ea2569e313d1f176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Sep 2021 18:45:01 GMT
server: cloudflare
etag: W/"6137b32d-268"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 8411c8eaaf753639-FRA
expires: Sat, 06 Jan 2024 07:08:09 GMT

GET
H/1.1 200 i
ivccf.ivcbrasil.org.br/ 43 B
461 B 1359ms
480ms Image
image/gif 52.13.15.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivccf.ivcbrasil.org.br/i?stm=1704521289418&e=pv&url=https%3A%2F%2Fwww.otempo.com.br%2F&page=O%20TEMPO&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=33&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=fe2403e8-0545-4620-945e-ba1753e8af3c&dtm=1704521289417&vp=1600x1200&ds=1600x16219&vid=1&sid=b447ff09-e5c1-4b72-831e-80c01b737e35&duid=c674a1a0-5259-473e-82fd-4e6286a1276e&fp=4079893849
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.13.15.187 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-13-15-187.us-west-2.compute.amazonaws.com
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sat, 06 Jan 2024 06:08:10 GMT
Server: Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C7FD 13 KB
5 KB 19ms
18ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 22:48:15 GMT
expires: Sat, 04 Jan 2025 22:48:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4D9A 829 B
1 KB 29ms
28ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

567791ac2471e51cbbac8f4b06ee7901d4eacacb37ec5c04f229b0ecd1e25632

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-On7vQK2nhuvAvt6MXgNAyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.otempo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-On7vQK2nhuvAvt6MXgNAyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 06:08:09 GMT
expires: Sat, 06 Jan 2024 06:08:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B49F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlchghLUg8wN2TG1r_gaFU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlchghLUg8wN2TG1r_gaFU&google_cver=1&C=1

43 B
770 B

55ms
55ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAlchghLUg8wN2TG1r_gaFU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYjsHx0wEwAQ&v=APEucNXoIOSFOe5H2UX8l2AM2tVZb-5dHADYG6KKQRBoaKrgtaLgOPTMTXHAk1L_YmjCZzGI7BALNN2VXP92mZHQz5s7OQEIqacCXzglT-EGX2JTwUA2taBgi-meagp6HW4eHnhuMs2rKsvQrZq9DeibGk-bhT_N52nC-BzRTwZQ0ceNUoSjNS4
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JQuxRJdw%2FDIKkA0p61Abj%2FMjQfTb9EMD2t9LoJ3PjMVZsWlnLFlUJHX3bOd3Au86ASRCLRn2x5%2BiB08En9lTT1WMj5MVIxcDsS6Pzr2M7tUdnxcBYGaVr92fGe7KcL8%2FORaqy50fxBdpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8411c8ec08f26a75-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbWcHUB6PQ7L3wqKRQiOWP24gi%2FU%2FoPSb8l6OEVJr5tb%2BtW29X3tEPNuVR53%2B4r%2FAOvW%2FaG2g%2B05FX3nwGTklQ3%2FchxV%2FYtXIspHqL9Kfsa6%2BL28cFYNC8XFW0yc%2F%2B0ARS7%2BgihFh3Sveg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEAlchghLUg8wN2TG1r_gaFU&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8411c8ebbb9d6a76-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B49F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZjuSXXOYchA-UmQGIgjsQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7fdTCFTGF3GYa-96jaO4A&google_cver=1

43 B
735 B

52ms
51ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7fdTCFTGF3GYa-96jaO4A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYjsHx0wEwAQ&v=APEucNXoIOSFOe5H2UX8l2AM2tVZb-5dHADYG6KKQRBoaKrgtaLgOPTMTXHAk1L_YmjCZzGI7BALNN2VXP92mZHQz5s7OQEIqacCXzglT-EGX2JTwUA2taBgi-meagp6HW4eHnhuMs2rKsvQrZq9DeibGk-bhT_N52nC-BzRTwZQ0ceNUoSjNS4
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jc4LkgzneTZ09%2FLIP2Eu%2FhQg3jI%2BQ9bEWrG9fAqXMKMqrVLViMZwUyKFpSVXkdodQvXyOEKmCnkqZUSaaeAH63uuchrwzVDOkWnP2fLninQ98OlVrsETkLh%2BdGArGG5kd9smvCJp6A54tg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8411c8ec494a6a75-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7fdTCFTGF3GYa-96jaO4A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame B49F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPydnAwC_6Q9-wIXYyr3_mc&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPydnAwC_6Q9-wIXYyr3_mc%26google_cver%3D1

43 B
1 KB

31ms
31ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPydnAwC_6Q9-wIXYyr3_mc%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYjsHx0wEwAQ&v=APEucNXoIOSFOe5H2UX8l2AM2tVZb-5dHADYG6KKQRBoaKrgtaLgOPTMTXHAk1L_YmjCZzGI7BALNN2VXP92mZHQz5s7OQEIqacCXzglT-EGX2JTwUA2taBgi-meagp6HW4eHnhuMs2rKsvQrZq9DeibGk-bhT_N52nC-BzRTwZQ0ceNUoSjNS4

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
an-x-request-uuid: 09980535-9365-4be2-9f9c-f0928d63b682
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.29; 217.114.218.29; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
an-x-request-uuid: 2d8565dd-1a04-44ae-88ab-34e767aa6110
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPydnAwC_6Q9-wIXYyr3_mc%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.29; 217.114.218.29; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B49F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQwMzMyNzQxODg5OTUxMjg1OA%3D%3D

170 B
243 B

29ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQwMzMyNzQxODg5OTUxMjg1OA%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
an-x-request-uuid: 976b384c-6c24-4638-b65e-6bd1523c09bf
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQwMzMyNzQxODg5OTUxMjg1OA%3D%3D
x-proxy-origin: 217.114.218.29; 217.114.218.29; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame C7FD 39 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 22:48:15 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4D9A 0
0 55ms
54ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=2229837715234212&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
431 B 170ms
155ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=67531&u=1&new=1&wst=0&wct=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ae6b9a7363d39b53910012f19c5ad181a0b937292ace5896459ab133a0d8706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 8411c8ebb8023639-FRA
expires: Sat, 06 Jan 2024 07:08:09 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C7FD 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3A216g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0799 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2383749160936&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0799 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2383749160936&version=m202309260101&ct=76&x=1&cor=18284272244834658000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0799 106 KB
40 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dc7zGKe0Gylw_dZeEhPy-TO8mOxI0hocBRFOe1XJ0maAX4PXN_MLgW0x3GxDuiF9AcaoTOABKRNmEMGv24A3JsKuVB3I2op3CwBAbDG-ytzdLaScd33qjWByN_Xw_ULZ208egXt2Xl9a78bg5iDxopazMQaX-GHNk3ok7TPFlw5H9qWnM&dbm_d=AKAmf-Cn0LaEwnkrgoyUUKBKXyXyjY6ICjJMzHKR-Z6tNJJ3q_m2vREqZ7LgQ1Qvt5bFAkpx_hn71y2ljuWEol2d09slJy43Swguygol4aU3U4wEJHCoW26OcookfgUwp7flgpRWSuMbKx4pxfz9mUGRkLDizraeEx0moysxPbzA6znUAIIQ0uNQd81VppC0lxtLA_kFl-XrrX9atUAPVu11wZqwsTQto6sfhO7ktIju3NZqevP7iNYMCxwJtrOlzRiK6fshGWK-qOVp4z9HmbGYD4s9GFxNIVQVeCfscfVgYrVDyvOhWAITQIhX6sQyEYr_ebNByluJSLZWN8UpXPbMKdmLWxpVXdQ_Dcv7mG_tVikZ4Y4o9qEDudagZG3ed5kc9GC6i7akTTCXoJduqiPLBAPrJyECM_PDmcLxNyLbCuSXp578IjmiVJjeOagtPLku82W-exvcES79vEg3hZkw7Dvuyqj4PT_LpVISuVoWY1KmYk6jak_mAYxR5MzR3GfKqj85L9P5UtmrPxBC1wfhfH6ZAxoOaLkMAwc-153ZsG7OFhGCr-vLBIf3l1dwMfpz1SNraIZv2uAUiVrwjAUdiSjDFYAOM1109qL2tHT8vlew6f3PnagfYIUYgwHCPauFdPx8zSgAj4lSTbr22fzVlmKwL2-iF5jRWqFdr8PCLWIYTU8rsx-k5oRxzrjwq8o4e0ogEjKMtds4arKpBiXIJQaRva7mHonK4X4gWZYCN6rp-dbALYDW6FENWKtc7isXM47fw7XxTUwu7KDBorc0kb2VbYAZw2KCJ1QiGV3BijIEgGtG_HzoGu6PH8TTZw1UQh9NEz3pQwUr0nY4skG42W_EIh-ggP9GmsT79818h0FYAyQYkwQ1a2dpojeWp-iDaX2trbAPSebd9RvrDoCL8dEs5aXjk_viQbr5eUli0jMKNa87qSi5xT_0ncPV-1BCWi4UZs8WxxvvQ6GVybhMKmICSb6bc4HeK68Cis3P1-URXk2qPBcwBpRkJdVhgatCOSWCUaZKRfHktuglLXNm9spc3Tw4KCbD0dZLXZ2VZ2gsxA_RUq0as21qnqUAti3fZSYi3W9t2_RFk0eZx_D-MM1S1PyPYLfx1rsosmUyrPR-ydpdstZLQF75AOIIPThIj6Rbp_tK9_awAj0jv-hZY4MNQzz7BTj56C4AY5K5vyeWR62ePASYcuVxiNsBgkLB3cdN-82Bd_bGTRZQ2CcoAm8KWDO9F5VVApVRix4iNQ9bCi82z5oBIpe-EHTfVGgnbxY0TzRhL3BppPzUmtx8o1ay_y-X9iDMSmhDPb5iIA_w7W4QJS8xYTHnHH8RJJ_VbUKWySdugln2hKpx7jMYTbINp6fRARtNLqAM256gPynmYTneiG-99u9X99vKVeludVnCVx2cryk1dAKHtt4YrT7b5Jyj-w_a0CBJ0gsG126mYgxC4u9KHBgDEZ0PwPyWMDTFdPm9XKkDBPVo5etbU4RilEnq62Uhx0zpnatom8Dm1-jYO8o-H-kaDokwUN1GbikHwoQbJ_-g9EacJ064WFvBDDPI02ePbH1XgxoNMrRUvRXr__2wlxdxrupyWraLvBcBfOh9rEetVFGu1j4xlXWPIMQsNmclTCdUiMYnomdkKXj1bEUQRdKQ_TGd3bm-YsmVRqTqu9q294916khanPzUI0LsQuCbnX0uBFipPFq8Pjg1IfSEO4_EsMpKzKafXL0N2a5Fl-VbEomhceA-P6ChIGJMlKmihCX0npc8a13efwTaW92QqfFOA4SWqHGqwoRtvDI3rUdEVIXm8Z0ncdH-ODnA7lXOVzXTQoDA8fzF4RkXkMkEZVuCaCB3RCChNU3cUOSp3XWVx03GS2p8xlWzahfzpRAgHeQ1WXSV75QKxRNVCMwn1xnq35OKwyFo4Olj38mtmJmSqwTL1BdkX8Km6Y82ny-25Ww4zvGF6RVhcnOVWRRNrWaH6GEPKO7CeyXAOARQJ0KcbdP65m3lK5Ri0m6iaoe4jHSDuPgWVDdN0VElePgkwEgra4ZXs3JLkhBCXXemR1X0KM5BYkjU9LA_dsfNIeYG-cEL-NE4YbqJHUU9OaLF03zrzbksAx2SR4Sx2s3VRz3ISeGyw6vajuQGcSvV8Ix_auCdIik87dYMUmkBrbYIFlzn6RVhZ5UMr0zppWLmzK7CVdAuu7TbAcB0be6__XEwN0Y36O8AkQdRibDZFi03novdzfp8Jc_xCqv64o9rREDod2NG2XhVNlHQw4_iIYKQ0DQjsIcDtfjV3T4I6HimalMA-w31dTzwdlLO0eK3EMLjGCYqkXF9yLcwHjBOAFbyWnK8yfWvL2nM3QhBwCEFNl5RjMYsLERXO_3_yU-6kUPyqCVRdWAJZoCZFB7puSvm1lKEVUoVvFUkFSQksty5CgbRxx_WKivXV2PTLtqpioRVFeKsWy_8HRTPrkDlmqQuvuFWRFhJpVq5wxwGJOy4rQXRbcNYf_UViUvUkal1Yf4QCLhjqtYalzXfLIexW8C1Q2CmfUH77j36YHCV6_H9oAVSLNQRaoAEFrSML0PeeknEXXm2hg7UsE1cEuCnQLgpEYp9V10_1n_GmtkEctJAKp2EfWRRx1R-qajrpjaSCS9VZLBEA9a8vHQ2NeFgBJIwZxUiyYAyFv9s7P_f5zzHKY5BJVhQjRJO_vFEzNX2jg6brEJ1Sq_zp-QNxRrcbjQEb8MzH6CkwnROZXWiXV8OzKXtp38jvmbPYKSbNtAzZen9Gq_jKwKDSDV_tkN3-MPFrW8IcK2XrvlAWwCde6lcIt4OuYNSXR0Dd_-5TsDyP1K_qKFO8ToyQQYySLo15oqbxhYisRaJjx4J2z_HZ9AQvofLhYxbdEw39-1bSQ5yLzeWPXzCxlK1zfbJbJe6J9r1ZkQXRQMJFheTt3nuFt49PeEp527GRkbR5g2wQCm3tflffyGb-lWAwiB1S4q8oefdeD9GCAw3IPsg62-nXzHZ-PNeZh77_qmlN5AEkEsND0G5osXWKMi8uH0ABy8nB_3k_76a6cYB0G77RwHkUH7xHYUZAdI3JpXhl956b5SkGE8B0cunubuu4cr8Ad-lx4OT_G-XMyqczrku55GKCdpJ-eJRiVBXKMbSv_WUONZd99hiOTyoo0VdTsq4BfuIXG_OeWaAecNfGDJoRvcyV2TUXxIPocCpz8rR1WZDDBMMCzTabZ4anIOp44lOMLTk_YaI3_COAm3Qm-J1udzZZwCnZ16BnzNIfajU0KGazVjY2eSDMP-nGMPqhNVVqJHh5leViJpMLLV-_7I_byILWBz9GYIZqnpP8upWnZYwbXav3ro6oMLa_3DhsGYSdVXG0S2Eyf5IWZa0NLq8_vU8QVAUzx5hbzbIk6O9EZqaX9KduVDjmANFOoV8dJU61OhpVbJd1ckzsO9V76HOA7wQ1HtLLYidLcOHKPvnncRGTVs9MvLXbUQeUwnABNUFy_rG0RhApxFtBOTy1-qqWeaoxCpVQz9zltpyyh0PPqNcsE6O4c9JZ0o95zsgA-8LEK4qQa8gCc__GfCKg9Jh42QoTZmD6XhaftsXEmWYQzUcSvsNWS36HSSVxr_1wTSxe_ovig1FLWHRHMchZnW_Mp-xC3P6CsO0SCjWZudm7FiQoeyCEWqIqhN7fx3X7nNNoOcaAFILcmLH_2A9HzdJcpYcWcjdkiPffpuDfhpsxNl_YvChA4xJ-JN-mqVw0brBPymLrVvyZqKV3YkxImfbKp0xSYhMtRR2vf8lrhHEYYtj1oiNGnIXVEnkmO1WMFX5TX12L1u3XAg_uTX5unZESLZNXBYTXIJjL4-B9kzfNNcSCDZ4V6MCWWT5SlYeoudQIgGElw&cid=CAQSOwAvHhf_qBTvtrE4mn1kJpWJjKidR5TnF6i5hjt1347wbwi1Ahu8EdfpR9wliXMxfEiDl0sXyQRO-ingGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.otempo.com.br%2F&ds=l&xdt=1&iif=1&cor=18284272244834658000&adk=2923430906&idt=230&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba78d932274be6212930b9f13a70300e6623af5bb92802669097033f9a5a9b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40436
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 0799 172 KB
61 KB 87ms
20ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
Origin: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame 0799 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dc7zGKe0Gylw_dZeEhPy-TO8mOxI0hocBRFOe1XJ0maAX4PXN_MLgW0x3GxDuiF9AcaoTOABKRNmEMGv24A3JsKuVB3I2op3CwBAbDG-ytzdLaScd33qjWByN_Xw_ULZ208egXt2Xl9a78bg5iDxopazMQaX-GHNk3ok7TPFlw5H9qWnM&dbm_d=AKAmf-Cn0LaEwnkrgoyUUKBKXyXyjY6ICjJMzHKR-Z6tNJJ3q_m2vREqZ7LgQ1Qvt5bFAkpx_hn71y2ljuWEol2d09slJy43Swguygol4aU3U4wEJHCoW26OcookfgUwp7flgpRWSuMbKx4pxfz9mUGRkLDizraeEx0moysxPbzA6znUAIIQ0uNQd81VppC0lxtLA_kFl-XrrX9atUAPVu11wZqwsTQto6sfhO7ktIju3NZqevP7iNYMCxwJtrOlzRiK6fshGWK-qOVp4z9HmbGYD4s9GFxNIVQVeCfscfVgYrVDyvOhWAITQIhX6sQyEYr_ebNByluJSLZWN8UpXPbMKdmLWxpVXdQ_Dcv7mG_tVikZ4Y4o9qEDudagZG3ed5kc9GC6i7akTTCXoJduqiPLBAPrJyECM_PDmcLxNyLbCuSXp578IjmiVJjeOagtPLku82W-exvcES79vEg3hZkw7Dvuyqj4PT_LpVISuVoWY1KmYk6jak_mAYxR5MzR3GfKqj85L9P5UtmrPxBC1wfhfH6ZAxoOaLkMAwc-153ZsG7OFhGCr-vLBIf3l1dwMfpz1SNraIZv2uAUiVrwjAUdiSjDFYAOM1109qL2tHT8vlew6f3PnagfYIUYgwHCPauFdPx8zSgAj4lSTbr22fzVlmKwL2-iF5jRWqFdr8PCLWIYTU8rsx-k5oRxzrjwq8o4e0ogEjKMtds4arKpBiXIJQaRva7mHonK4X4gWZYCN6rp-dbALYDW6FENWKtc7isXM47fw7XxTUwu7KDBorc0kb2VbYAZw2KCJ1QiGV3BijIEgGtG_HzoGu6PH8TTZw1UQh9NEz3pQwUr0nY4skG42W_EIh-ggP9GmsT79818h0FYAyQYkwQ1a2dpojeWp-iDaX2trbAPSebd9RvrDoCL8dEs5aXjk_viQbr5eUli0jMKNa87qSi5xT_0ncPV-1BCWi4UZs8WxxvvQ6GVybhMKmICSb6bc4HeK68Cis3P1-URXk2qPBcwBpRkJdVhgatCOSWCUaZKRfHktuglLXNm9spc3Tw4KCbD0dZLXZ2VZ2gsxA_RUq0as21qnqUAti3fZSYi3W9t2_RFk0eZx_D-MM1S1PyPYLfx1rsosmUyrPR-ydpdstZLQF75AOIIPThIj6Rbp_tK9_awAj0jv-hZY4MNQzz7BTj56C4AY5K5vyeWR62ePASYcuVxiNsBgkLB3cdN-82Bd_bGTRZQ2CcoAm8KWDO9F5VVApVRix4iNQ9bCi82z5oBIpe-EHTfVGgnbxY0TzRhL3BppPzUmtx8o1ay_y-X9iDMSmhDPb5iIA_w7W4QJS8xYTHnHH8RJJ_VbUKWySdugln2hKpx7jMYTbINp6fRARtNLqAM256gPynmYTneiG-99u9X99vKVeludVnCVx2cryk1dAKHtt4YrT7b5Jyj-w_a0CBJ0gsG126mYgxC4u9KHBgDEZ0PwPyWMDTFdPm9XKkDBPVo5etbU4RilEnq62Uhx0zpnatom8Dm1-jYO8o-H-kaDokwUN1GbikHwoQbJ_-g9EacJ064WFvBDDPI02ePbH1XgxoNMrRUvRXr__2wlxdxrupyWraLvBcBfOh9rEetVFGu1j4xlXWPIMQsNmclTCdUiMYnomdkKXj1bEUQRdKQ_TGd3bm-YsmVRqTqu9q294916khanPzUI0LsQuCbnX0uBFipPFq8Pjg1IfSEO4_EsMpKzKafXL0N2a5Fl-VbEomhceA-P6ChIGJMlKmihCX0npc8a13efwTaW92QqfFOA4SWqHGqwoRtvDI3rUdEVIXm8Z0ncdH-ODnA7lXOVzXTQoDA8fzF4RkXkMkEZVuCaCB3RCChNU3cUOSp3XWVx03GS2p8xlWzahfzpRAgHeQ1WXSV75QKxRNVCMwn1xnq35OKwyFo4Olj38mtmJmSqwTL1BdkX8Km6Y82ny-25Ww4zvGF6RVhcnOVWRRNrWaH6GEPKO7CeyXAOARQJ0KcbdP65m3lK5Ri0m6iaoe4jHSDuPgWVDdN0VElePgkwEgra4ZXs3JLkhBCXXemR1X0KM5BYkjU9LA_dsfNIeYG-cEL-NE4YbqJHUU9OaLF03zrzbksAx2SR4Sx2s3VRz3ISeGyw6vajuQGcSvV8Ix_auCdIik87dYMUmkBrbYIFlzn6RVhZ5UMr0zppWLmzK7CVdAuu7TbAcB0be6__XEwN0Y36O8AkQdRibDZFi03novdzfp8Jc_xCqv64o9rREDod2NG2XhVNlHQw4_iIYKQ0DQjsIcDtfjV3T4I6HimalMA-w31dTzwdlLO0eK3EMLjGCYqkXF9yLcwHjBOAFbyWnK8yfWvL2nM3QhBwCEFNl5RjMYsLERXO_3_yU-6kUPyqCVRdWAJZoCZFB7puSvm1lKEVUoVvFUkFSQksty5CgbRxx_WKivXV2PTLtqpioRVFeKsWy_8HRTPrkDlmqQuvuFWRFhJpVq5wxwGJOy4rQXRbcNYf_UViUvUkal1Yf4QCLhjqtYalzXfLIexW8C1Q2CmfUH77j36YHCV6_H9oAVSLNQRaoAEFrSML0PeeknEXXm2hg7UsE1cEuCnQLgpEYp9V10_1n_GmtkEctJAKp2EfWRRx1R-qajrpjaSCS9VZLBEA9a8vHQ2NeFgBJIwZxUiyYAyFv9s7P_f5zzHKY5BJVhQjRJO_vFEzNX2jg6brEJ1Sq_zp-QNxRrcbjQEb8MzH6CkwnROZXWiXV8OzKXtp38jvmbPYKSbNtAzZen9Gq_jKwKDSDV_tkN3-MPFrW8IcK2XrvlAWwCde6lcIt4OuYNSXR0Dd_-5TsDyP1K_qKFO8ToyQQYySLo15oqbxhYisRaJjx4J2z_HZ9AQvofLhYxbdEw39-1bSQ5yLzeWPXzCxlK1zfbJbJe6J9r1ZkQXRQMJFheTt3nuFt49PeEp527GRkbR5g2wQCm3tflffyGb-lWAwiB1S4q8oefdeD9GCAw3IPsg62-nXzHZ-PNeZh77_qmlN5AEkEsND0G5osXWKMi8uH0ABy8nB_3k_76a6cYB0G77RwHkUH7xHYUZAdI3JpXhl956b5SkGE8B0cunubuu4cr8Ad-lx4OT_G-XMyqczrku55GKCdpJ-eJRiVBXKMbSv_WUONZd99hiOTyoo0VdTsq4BfuIXG_OeWaAecNfGDJoRvcyV2TUXxIPocCpz8rR1WZDDBMMCzTabZ4anIOp44lOMLTk_YaI3_COAm3Qm-J1udzZZwCnZ16BnzNIfajU0KGazVjY2eSDMP-nGMPqhNVVqJHh5leViJpMLLV-_7I_byILWBz9GYIZqnpP8upWnZYwbXav3ro6oMLa_3DhsGYSdVXG0S2Eyf5IWZa0NLq8_vU8QVAUzx5hbzbIk6O9EZqaX9KduVDjmANFOoV8dJU61OhpVbJd1ckzsO9V76HOA7wQ1HtLLYidLcOHKPvnncRGTVs9MvLXbUQeUwnABNUFy_rG0RhApxFtBOTy1-qqWeaoxCpVQz9zltpyyh0PPqNcsE6O4c9JZ0o95zsgA-8LEK4qQa8gCc__GfCKg9Jh42QoTZmD6XhaftsXEmWYQzUcSvsNWS36HSSVxr_1wTSxe_ovig1FLWHRHMchZnW_Mp-xC3P6CsO0SCjWZudm7FiQoeyCEWqIqhN7fx3X7nNNoOcaAFILcmLH_2A9HzdJcpYcWcjdkiPffpuDfhpsxNl_YvChA4xJ-JN-mqVw0brBPymLrVvyZqKV3YkxImfbKp0xSYhMtRR2vf8lrhHEYYtj1oiNGnIXVEnkmO1WMFX5TX12L1u3XAg_uTX5unZESLZNXBYTXIJjL4-B9kzfNNcSCDZ4V6MCWWT5SlYeoudQIgGElw&cid=CAQSOwAvHhf_qBTvtrE4mn1kJpWJjKidR5TnF6i5hjt1347wbwi1Ahu8EdfpR9wliXMxfEiDl0sXyQRO-ingGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.otempo.com.br%2F&ds=l&xdt=1&iif=1&cor=18284272244834658000&adk=2923430906&idt=230&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 14:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 14:45:49 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 0799 31 KB
12 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 14:47:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 14:47:36 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0799 41 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:05:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7ED6 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 20:39:54 GMT
etag: 48472445140208031
expires: Sat, 06 Jan 2024 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0799 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a42f99dadea83adb482467e25ba3b565437ef7d83c62b3fd1b60cd70c4e5c3a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 166ms
150ms Script
application/x-javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=13edf75d0368282949c89a6b2910%7C0&acc=67531&tit=O%2520TEMPO&url=https%253A%2F%2Fwww.otempo.com.br%2F&upd=1&new=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8411c8ecf8ee3639-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85596790019
https://sync2.navdmp.com/sync?prtid=2&id=85596790019&google_gid=CAESEIEP_VdDCXmERPs6zvgtlCw&google_cver=1

6 B
57 B

169ms
152ms

Script
application/javascript

2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=85596790019&google_gid=CAESEIEP_VdDCXmERPs6zvgtlCw&google_cver=1
Protocol: H2
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8411c8ed29043639-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=85596790019&google_gid=CAESEIEP_VdDCXmERPs6zvgtlCw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=26386598-ee4a-4e00-8127-43427589f5ad

43 B
152 B

161ms
146ms

Image
image/gif

2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=26386598-ee4a-4e00-8127-43427589f5ad
Protocol: H2
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:10 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 8411c8eec9aa3639-FRA
content-length: 43
content-type: image/gif

Redirect headers

Date: Sat, 06 Jan 2024 06:08:10 GMT
Server: MT3 1237 600843f master iad iad-pixel-x9 config_version:"2224"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://sync.navdmp.com/sync?img=1&mdia=26386598-ee4a-4e00-8127-43427589f5ad
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Sat, 06 Jan 2024 06:08:24 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

0
87 B

28ms
21ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date: Sat, 06 Jan 2024 06:08:09 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.94
content-length: 344
content-language: en

GET
H2 200 dds
rtb.openx.net/sync/ Frame 7ED6 43 B
236 B 90ms
28ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELZB_FwJnoGQvMx36TnR-8U&google_cver=1&google_push=AXcoOmQxD_z4aq7TpL_YQaS3KHayU6YSnzuh5NQ59gg60cZApnHdcCVF2H6zAddvp4HriPo3BGOB9Vk2awQe7tg61qTSTdO-2Lo
Requested by: Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 7ED6 0
166 B 243ms
38ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMRErqgdxqq5XLYioijTGrc&google_cver=1&google_push=AXcoOmRn5XNfLmkRgME1oz-560kvqxoGfdn0Wk6G9QU_KQPgHuDbEP9sKnm6hTAIWNF85ya7dA9yUqvL_U-f65OXt1gUw0E_sxw
Requested by: Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 06 Jan 2024 06:08:08 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7ED6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOtypwID-DsPYP2PDpAEUNI&google_cver=1&google_push=AXcoOmRvbbrnzW4-4r0IGgEccbRmOVCtbys2-h_AiOcSbwFbpPEWCFEovm2k530wNGWIlzK6LgO...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFIxTllTTFMtOS04VlpH&google_push=AXcoOmRvbbrnzW4-4r0IGgEccbRmOVCtbys2-h_AiOcSbwFbpPEWCFEovm2k530wNGWIlzK6LgOEILzMMOt2ua6-bU3-TJ2NPkg

170 B
188 B

29ms
28ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFIxTllTTFMtOS04VlpH&google_push=AXcoOmRvbbrnzW4-4r0IGgEccbRmOVCtbys2-h_AiOcSbwFbpPEWCFEovm2k530wNGWIlzK6LgOEILzMMOt2ua6-bU3-TJ2NPkg

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFIxTllTTFMtOS04VlpH&google_push=AXcoOmRvbbrnzW4-4r0IGgEccbRmOVCtbys2-h_AiOcSbwFbpPEWCFEovm2k530wNGWIlzK6LgOEILzMMOt2ua6-bU3-TJ2NPkg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 7d6e3b6fefbbeb4d018118d74243a2fc
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7ED6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMMag9td5jbBFegGK4Leeag&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMMag9td5jbBFegGK4Leeag&google_hm=ZZjuSXXOYchA_UmQGIgjsQAACHcAAAAB&google_nid=index&google_push=AXcoOmQW8fMWGLI7X2niPDAqGObwWicaI2-XJ...

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMMag9td5jbBFegGK4Leeag&google_hm=ZZjuSXXOYchA_UmQGIgjsQAACHcAAAAB&google_nid=index&google_push=AXcoOmQW8fMWGLI7X2niPDAqGObwWicaI2-XJFywhfj5UTR8Fqv4vkctdqUepywdWquf8f2rDngQUpL9kyOqS5P1wjzTScdeOVg

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ga3RJRVJfZphI5pKgwVNP6DjJgaa86yvTIl2htAuXhVW4IMvZwVNsYdBiaHyXrR8pIvUhKirs3Ve3tbiXyAg5oNshMJnBZPEAXx2vbhg%2Ffq3p3m7ztTTksqsQo9mdAL1XGVmIgufp7I8TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMMag9td5jbBFegGK4Leeag&google_hm=ZZjuSXXOYchA_UmQGIgjsQAACHcAAAAB&google_nid=index&google_push=AXcoOmQW8fMWGLI7X2niPDAqGObwWicaI2-XJFywhfj5UTR8Fqv4vkctdqUepywdWquf8f2rDngQUpL9kyOqS5P1wjzTScdeOVg
cache-control: no-cache
cf-ray: 8411c8ecfd1f6a76-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame 7ED6 43 B
199 B 156ms
44ms Image
image/gif 34.254.208.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEAt_L9IzrT7OUfyKmzx6pCs&google_cver=1&google_push=AXcoOmS1iV6K9tXsb-QrNSSw7ZkGk473w3ejOkr9muHz1RwHjxRgW9-PNbWqRJfdQ3MGuQWwzcFVI5Rq7AQXYgXy0MbJ5w3yNHQ
Requested by: Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.254.208.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-208-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 06 Jan 2024 06:08:09 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7ED6
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH6CLhkCIopCF4K2_B1494w&google_cver=1&google_push=AXcoOmSVOZF8EcEOpP29bb0rUGzIPwtnTzj6UD1tYnnNWmE51k1l41AVlBtzqabFd3lmCEwbvzxFgIy1XbtLU1iLIgc4F_biP2w
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSVOZF8EcEOpP29bb0rUGzIPwtnTzj6UD1tYnnNWmE51k1l41AVlBtzqabFd3lmCEwbvzxFgIy1XbtLU1iLIgc4F_biP2w...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMzEwODA2NTMxMjMxNTk4OTY3NQ%3D%3D&google_push=AXcoOmSVOZF8EcEOpP29bb0rUGzIPwtnTzj6UD1tYnnNWmE51k1l41AV...

170 B
188 B

29ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMzEwODA2NTMxMjMxNTk4OTY3NQ%3D%3D&google_push=AXcoOmSVOZF8EcEOpP29bb0rUGzIPwtnTzj6UD1tYnnNWmE51k1l41AVlBtzqabFd3lmCEwbvzxFgIy1XbtLU1iLIgc4F_biP2w

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMzEwODA2NTMxMjMxNTk4OTY3NQ%3D%3D&google_push=AXcoOmSVOZF8EcEOpP29bb0rUGzIPwtnTzj6UD1tYnnNWmE51k1l41AVlBtzqabFd3lmCEwbvzxFgIy1XbtLU1iLIgc4F_biP2w
date: Sat, 06 Jan 2024 06:08:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame 7ED6
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGyPYY5zGE1hbKTaZPuOq_I&google_cver=1&google_push=AXcoOmR26DB3WjiDS81h1bAr8Wxc1QZvtzN8IpP6rAp0du5BB8UhSE_89Fnxwi4pVvAwtDTOcTnn9CPF9ou...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR26DB3WjiDS81h1bAr8Wxc1QZvtzN8IpP6rAp0du5BB8UhSE_89Fnxwi4pVvAwtDTOcTnn9CPF9ouTkJ6xyxK0e1cg2DI
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

21ms
20ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7ED6 0
12 B 27ms
27ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KwWdAT64vV9uV7d_YlHFSCXuN7lRqnxkJn54u7dRvmMSFNKRqdUDrGMRuzPH0N_DkvpQeQrg

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3F65 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 332571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 09:45:18 GMT
expires: Wed, 01 Jan 2025 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F65 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 22:48:15 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8126095561676425865/ Frame 85D2 673 B
438 B 68ms
27ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbf4dbac916cc4aed54e2f31014ef56cc84bb0af0607a6cb1f74e8c7285ed4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 409
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 06:08:09 GMT
expires: Sun, 05 Jan 2025 06:08:09 GMT
last-modified: Fri, 01 Sep 2023 16:29:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0799 0
0 124ms
65ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvw654NrFad16E13d5t8B_AhdCxo_8emSUV8VKUUiYxfzoWLNd9jYmXYkYepPWNOByY5tEg9iMF9Ba2MCMMtnVWXyzYfIw026zScRZRoIGm0rPRfw5iNCWctHAozk0YWmw3KL5wx9S3vcUrh1TUs58uu0cpsORJHwRwEnJLj1oKj_CNhDulP_uY2QcXe5XcbV5WcRFj4ZuyXTBUNUAt-v0nlDohBZi26mmJuGhX1ZW9hE3VVJthX-n7s0moN0sa9OnCT4c5KzCxCQAlzcyYGUBXokGy3L-tHwjd-moCyTY0bpjIs_C82nb1qxyPR8HOzWIAvtmXKdHYmCaVV67rsBX_9koRMmBypH9y8AIJdsbGa0kkcVF3NtDeGhzrYJ-uzPzGiBz-bkrf0Yf4aUFS56wry1OOQE43EdMyBcmLxXMkh3Z5GFLAWPNH0DHGTApsMcpDt6rKgQ04DGrUgzpQbw_UzA6_-euybKvSSwroI9RrFjmmhb4-jR8PHS5Ee4Mr2iVMLrlgdESjyS9o8E0kJeyzcWWLRm0-hBhivlTeCMXvrNv3Ig4VbI3WIeNECsJSBT0UGfM_UkWgPrY-z0-6qhTKxUuHF-kjI_fRc6V9UiT2p-zbTsr5BPbWB7anxRuwKDt3L2zkEuLWgSolsCqP0oDeuO-ht8ij1hH4702CShRju445lGXSs1HJeBjKoWlAko1QqT8oGCIhudHEf8RLoGsVBGs-7HGgNrSsaKq3PHkbA0Io4jq44XjrY24NUaOqO0oHOdaR_Ske5qM4qi4UzNpe-S-L_D0GXm8t0Pk61LHU9XVWeT56O1XeKCSjRj-o-in5SUpBzw5sf3YHLfrvMAyRTaaSfHzWhs5MxKklvDVx18ixvKC9ZGmwssXtat0uz6fqdyrKB4xFqhI-6Rt0jsEcXfQsx9sIzQaKFjwukDa7xQMeQSBSagwkfzyvM8qxZBsrsmSb06g-8rFn3E7KRaqzq9e25CSZLpyO5xO7X0mvwTCevwBkxvvbi45q09Hv4BiPo1Jz2R_gd-HamVF8zTZG6-LNy7-qKCjrgDKhWYgIUlQVADZZgXHEEif43wu1YmMwdF77El_CtK9gCG3bqx338Htuh0uhw0I8v-IZsIFkim5NgLLbtPNlrNoChHcIQnlnIpyk9Y-w4GRkXTfeiwg1AyT__SpKnZSGUXZ4MZzeJECGimIaTGNBjg_xB_dEYSY4BQ5dW4NVYvRcJYBX_f08XKfM39tJ42jusLtMAt23o0flcFXhDlaijG9DHhUOvGyGDf43ODUt85jQR-2HDX9piRBAR8a-20PEW5OO4PCAFTw3_VM73790lNk136UF_DXpcOcgJGQFFFgZoI_Im4BauGciefPvZlVLBftMK3SCKBOYrkolUOfm_coNcVwDOAiZYgamNa-Wx2BkuSRfZX9O6MXQGVgA-BLYg6VT2jaQkW8aUyhVzxfCa2n2pO1AalaGXVOpmA&sai=AMfl-YRaCQZYSmvralM7_Yg2SGPP9Z_zk6s67RwdZYkj2Rx7zcAjwzTcpGpbKSf7hTiZsGwR_T8GzpxjWKMBDdHC9tlsMsEitKEa36BKHSYPNKAGuJ8688GOHgKm7GLpMrH3eDlh-xAttihtOmKmtf-WJxPmGXv5UICFkxKYACjGMIsYwVfTYiHwemN2EFYbHCQNeRlPCPRjq8Vo3lIwGsv_RRMLNnyUCBxulnyrMwSe4NZKMQ1pGHllwOpbS_9DZ0zjqZZc&sig=Cg0ArKJSzDrszrptJIJvEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=137&cbvp=1&cstd=132&cisv=r20240103.89642&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 06 Jan 2024 06:08:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F65 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bk3TVSe6YZcTbJLPk7_UPrpS0qAEAAAAAOAHgBAI&bg=!6uml6abNAAY3kmNgF5I7ADQBe5WfOMubWhyWPVnzZAdBihTY0afYIaI9rKQvJWtfkGRZ0RTHa2_AaIXKUv0WYIwLrLqTAgAAADdSAAAAAmgBB5kDAO0T4X6d319_dPUEa9SQUiuD4WuTlELnvb1dRzi5OxhvqtnjoHvY5jrU8t-ySpz34X5Er7Bx73mpgc0MN9MoaXKWqFvkKTkiXl089mmtoTWxeSd4_NU0zQO2P5xGvz3RypR2HEnE10pJUcThmUM-YCOTXYV5zdd3yI-lNOjNFwqABEqjbYRCl1q7krfhInbX3_xFWbL-s2v83gUM9oyGCY756GqU_v0cIQsYjVUIJVmkRDhG8pu6gyHQkUXTo-2wO9xiAfwxqaO0oetVXkXiE6MydtUG74wh23Dzd3c9Ghtix0JcpTVBXtEqHib0C-CvfLdM77F7hZXten2Z1fZurVOKAuTXpWz-6Zkpi-oTT_gfhFtMCNuefC83i9wjQFjy_g3I_emmuNfU5W2LNCAmJTd6EqjZg5sYWAdw0sEv4MSliSzGepUAT2NhWSpQpAyhraLvI_qB9JO5Bb1xNBKsDafMj8lef0NFfQaOmtx4P8ITvIdirBSqOPFlLJzNNWgVDJ_Zjgo4zKHFVNrl_7wiU-1qm-Z20mkbgFdpnCjLOoPi3Pi_4gQw_yVfbAm_0pn1rjn5lMjIbEZ3E3dsHPkdex58lZK5xSjmtjRygGjpwfTUHGdvKX18rVAJyCcNSxPg0n3sBv3KH71m9pOsKOH3tYKahjqiwanXZGMKLEcZqeN_aO4tDAfLhojQI8s-qiVaemGCsgbzYLfEyUudLb4NlsQ3d8SKHnhXxhJL7GcIUo18KlAscQZv0Xlo92Y1qM39rBfVdR3gRSuFEyWglVCz-agK1nu_mHQe0vmJ-cFC8f7Ti7tHvbPEHEH8H5smT83aq1_OoXTFiS5mJfJWVflnMyGPVNTx3PMTOEAZv73r2bJTZjcLDbE_M6z3mFOshUHi8Col2yFf2GUq68eFrrXIF45B3wLsTTR4931lzcyOk-aerbct-Vh07BKIdAXPlSFHOQecPMFS5ksXwILa7_GCwzqHrvSoHntR4SiZq7qofUr-MZomSan8ARder_nz8568qA

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AF8D 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 06:08:08 GMT
expires: Sun, 05 Jan 2025 06:08:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 85D2 120 KB
41 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 12:23:29 GMT

GET
H3 200 template-489be870.js Show response
s0.2mdn.net/sadbundle/8126095561676425865/ Frame 85D2 40 KB
14 KB 32ms
31ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8126095561676425865/template-489be870.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfcce6fbc676bcdc4c9f2e2cbdd40cee40a4b9066f829f4e9e400cbe142183f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 09:06:00 GMT
date: Tue, 02 Jan 2024 09:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334929
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14187
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 16:29:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index-be1f7599.css
s0.2mdn.net/sadbundle/8126095561676425865/ Frame 85D2 4 KB
1 KB 22ms
22ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8126095561676425865/index-be1f7599.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be1f75994e53be710e621d9552d7cc796a347e85622acc435325d94e076b6996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 01:42:33 GMT
date: Fri, 05 Jan 2024 01:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102336
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1385
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 16:29:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B514 624 B
242 B 62ms
61ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQY_pTo7QEwAQ&v=APEucNXupweFDWuxG6q06bexMhobzNFLZfQeABxInD4p31ECMPH3FjexNOm8L-UrZ5gmO6a8NWaltv8Bp1S6lJXOdCRqMyjB5Zk6qJNj9Q7VflQwBeSisTyPxVKRyw2C1GqreZer77-9jFA6bMyeakaZi_Wdx210fZ-w-XGRyOZKpC3DtqRw2pU

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 06 Jan 2024 06:08:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AF8D 89 KB
31 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 06:08:09 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF8D 42 B
63 B 56ms
54ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cqq9g0a6e8r2_OCu1Gab5W6G5KdBUIfPK50FNz98qoaRgUSbLSMLPxuSwkuHteWcO4Xh2ckwqvj44tLC-IsEpJ0eVlDSVYAIUZYzTif5LA--Ciolo

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame AF8D 3 KB
4 KB 108ms
32ms Script
text/javascript 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=65396891;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20536345119&extPm=20536345119&extCr=498731646&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CLiLsSe6YZdfKINaG7_UP4dWToAvx77asc7f_--qFEs_Xor3AARABIKDY5H5glYKAgJQHoAGGx5i3KcgBCakCEw_QOdxbsj6oAwHIA5sEqgSpAk_QUw8mPUgZZxKbwn8p-112ZWo1wZgla2dUn6abRFxs5jXL_9MJGggWl_t1qpropTWZW0tFSZ10U6DcfGQmNupOD6F7T4j5My-_oyTdPPm-2jZF2wSHxDIWRedytz9QHRWfEJDekjK6t5SaMyZuUVws5Gn-F8LyJ1FeRQ0JSQqTvzD-RnStWsePP48_ODuXXDC3Rs1oAy9CHB4288ShGb2LMAtl6Ed1Y4tcFMp3UPS5DlFHycUwPZf1aY0pwCrFNk2P4yQFLelQSd5BjMYoaa_sNKQ0vkU89i8QceggQ0O3EvjhLnPMH1Z-SaaJyZuWHBKsYXHv7CuVcVRnPDWVBdsLlqSt8EXHeyxAV7sXJDZ8gcjW9m-J66z1mdXxdZB6RFKz1_umw38BLMAEx86157wE4AQDiAWfhL_ATJAGAaAGTYAHhv_olgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljs0LXPjMiDA4AKA5gLAcgLAYAMAaIMCCoGCgS7u7ECqg0CREXiDRMI1Pm1z4zIgwMVVsO7CB3h6gS0sBP2vZQW0BMA2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSPAAvHhf_pOp5Ta-_Y90ZUcltzCqnpvhBVtVYoDXjQ42T57szEpYMszSkUTjNGUZrGc8L3zQMmzJsfZRo0hgB&sig=AOD64_1N80S6IGerj0DYMyL-ZbySRxQ_Pw&client=ca-pub-4253883158590606&dbm_c=AKAmf-CCNAWxZs_kA9bazZRSoYXTvLkSmAhdw2Ywq2JwzJznaSP1fAIIfWfypGB_RUy_yr6AoortNE0IgQt_q9rD7G7-dK1mDVCUW2vbb-JzN_VJubJ4n1Br1MSLdQuh22c_j-hW5_3_GY-mDJqjCQGVE3WqhGFgOT7gITeueNxymnt8JL0r3R8&cry=1&dbm_d=AKAmf-Cz5t5ZyxjtXd8a6iF7byBNhsbiMm_2cIekdQWig7EcqlU_6qpvEWcE3GaZmt6-fbwyOAfFl07FrCs1idOZflsMF-J5m5myXhCamWJI1tbD6pjzn4A5P2rr_6d3FYLffu8A1EPGGko-op4sTksdNaxyvh13I02VaIbAEVJBt5nm0kRhB3yZesHWXVQr02VaXHGDoy4Hbfkvduy_Sy1rGNGq8xO2gFIhQXvDyocoYHVDat5vB8OxLXBzzeXyd1TUN99Vi_fX-jQy02xBNbwA2l1Kqe39_brt34xdrUwC8RAftPRPp9k2bOiQj70LSv-ieYk1NuEVfhxl_vYY4JPQEjBM1zt7z955oMvSF_o_3D80_i9H157tkVtnvGlUAHIWECiuK4ibL98S_pEea4dC7Kl6drMI3xIBjDGvcoX2XyF9HSq9TtXLdRJaIkXY8qLy1iyx1qvdGkOyOkb-kQ4MlkaxIiz8BrhuKOnZJFr9DdHHFx1lrKvgBpJP83Z5l_yqcrMUWUlePQ5ujmsDS7BS_C6f9A36FRdAnHwDdObYPfbKEhA3ZMxOcs5JjstJRnsu_SqHKL99&adurl=

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

930fbe29713b2576dcf9687aa4afb6d811bc4a6a6adffb874786ee8a77f57763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3026
expires: -1

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame AF8D 43 B
1 KB 154ms
33ms Script
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=20536345119&extPm=20536345119&extCr=498731646&rnd=1704521289533847

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sat, 06 Jan 2024 06:08:09 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Sa, 06 Jan 2024 06:08:09 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1756
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame AF8D 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 15:03:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 15:03:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame AF8D 20 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 10:12:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AF8D 0
0 29ms
27ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRn7dfPYz__BomcCAWGN48-dHn5EbgTlWMMfEocEcX3jkbl_H3ZeciccgGh2_XoIBUcjz8ofweRHzIU5322fSd-TjFyqQ
Requested by: Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF8D 204 KB
64 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 06:08:09 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0799 0
0 58ms
57ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvw654NrFad16E13d5t8B_AhdCxo_8emSUV8VKUUiYxfzoWLNd9jYmXYkYepPWNOByY5tEg9iMF9Ba2MCMMtnVWXyzYfIw026zScRZRoIGm0rPRfw5iNCWctHAozk0YWmw3KL5wx9S3vcUrh1TUs58uu0cpsORJHwRwEnJLj1oKj_CNhDulP_uY2QcXe5XcbV5WcRFj4ZuyXTBUNUAt-v0nlDohBZi26mmJuGhX1ZW9hE3VVJthX-n7s0moN0sa9OnCT4c5KzCxCQAlzcyYGUBXokGy3L-tHwjd-moCyTY0bpjIs_C82nb1qxyPR8HOzWIAvtmXKdHYmCaVV67rsBX_9koRMmBypH9y8AIJdsbGa0kkcVF3NtDeGhzrYJ-uzPzGiBz-bkrf0Yf4aUFS56wry1OOQE43EdMyBcmLxXMkh3Z5GFLAWPNH0DHGTApsMcpDt6rKgQ04DGrUgzpQbw_UzA6_-euybKvSSwroI9RrFjmmhb4-jR8PHS5Ee4Mr2iVMLrlgdESjyS9o8E0kJeyzcWWLRm0-hBhivlTeCMXvrNv3Ig4VbI3WIeNECsJSBT0UGfM_UkWgPrY-z0-6qhTKxUuHF-kjI_fRc6V9UiT2p-zbTsr5BPbWB7anxRuwKDt3L2zkEuLWgSolsCqP0oDeuO-ht8ij1hH4702CShRju445lGXSs1HJeBjKoWlAko1QqT8oGCIhudHEf8RLoGsVBGs-7HGgNrSsaKq3PHkbA0Io4jq44XjrY24NUaOqO0oHOdaR_Ske5qM4qi4UzNpe-S-L_D0GXm8t0Pk61LHU9XVWeT56O1XeKCSjRj-o-in5SUpBzw5sf3YHLfrvMAyRTaaSfHzWhs5MxKklvDVx18ixvKC9ZGmwssXtat0uz6fqdyrKB4xFqhI-6Rt0jsEcXfQsx9sIzQaKFjwukDa7xQMeQSBSagwkfzyvM8qxZBsrsmSb06g-8rFn3E7KRaqzq9e25CSZLpyO5xO7X0mvwTCevwBkxvvbi45q09Hv4BiPo1Jz2R_gd-HamVF8zTZG6-LNy7-qKCjrgDKhWYgIUlQVADZZgXHEEif43wu1YmMwdF77El_CtK9gCG3bqx338Htuh0uhw0I8v-IZsIFkim5NgLLbtPNlrNoChHcIQnlnIpyk9Y-w4GRkXTfeiwg1AyT__SpKnZSGUXZ4MZzeJECGimIaTGNBjg_xB_dEYSY4BQ5dW4NVYvRcJYBX_f08XKfM39tJ42jusLtMAt23o0flcFXhDlaijG9DHhUOvGyGDf43ODUt85jQR-2HDX9piRBAR8a-20PEW5OO4PCAFTw3_VM73790lNk136UF_DXpcOcgJGQFFFgZoI_Im4BauGciefPvZlVLBftMK3SCKBOYrkolUOfm_coNcVwDOAiZYgamNa-Wx2BkuSRfZX9O6MXQGVgA-BLYg6VT2jaQkW8aUyhVzxfCa2n2pO1AalaGXVOpmA&sai=AMfl-YRaCQZYSmvralM7_Yg2SGPP9Z_zk6s67RwdZYkj2Rx7zcAjwzTcpGpbKSf7hTiZsGwR_T8GzpxjWKMBDdHC9tlsMsEitKEa36BKHSYPNKAGuJ8688GOHgKm7GLpMrH3eDlh-xAttihtOmKmtf-WJxPmGXv5UICFkxKYACjGMIsYwVfTYiHwemN2EFYbHCQNeRlPCPRjq8Vo3lIwGsv_RRMLNnyUCBxulnyrMwSe4NZKMQ1pGHllwOpbS_9DZ0zjqZZc&sig=Cg0ArKJSzDrszrptJIJvEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=254&vt=11&dtpt=117&dett=3&cstd=132&cisv=r20240103.89642&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B514
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFprt5z0xPNtLuaID2Y9U80&google_cver=1

43 B
736 B

50ms
50ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFprt5z0xPNtLuaID2Y9U80&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQY_pTo7QEwAQ&v=APEucNXupweFDWuxG6q06bexMhobzNFLZfQeABxInD4p31ECMPH3FjexNOm8L-UrZ5gmO6a8NWaltv8Bp1S6lJXOdCRqMyjB5Zk6qJNj9Q7VflQwBeSisTyPxVKRyw2C1GqreZer77-9jFA6bMyeakaZi_Wdx210fZ-w-XGRyOZKpC3DtqRw2pU
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFq9ZNrIDqPRJTq0%2BhqEEH%2BE3%2BXpI70W%2B68AzeuHsG6Y6vLvLUEFEgHEuCrtbPiN2lw8iVATAjhD5O5sq27JuchG78iTP939a2T1A4xTDlTK9Iq%2FsCdGZduYZqmcFuBL30XzUS1W72CZDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8411c8ee7c156a75-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFprt5z0xPNtLuaID2Y9U80&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B514
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZjuSXXOYchA-UmQGIgjsQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFprt5z0xPNtLuaID2Y9U80&google_cver=1

43 B
737 B

52ms
52ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFprt5z0xPNtLuaID2Y9U80&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQY_pTo7QEwAQ&v=APEucNXupweFDWuxG6q06bexMhobzNFLZfQeABxInD4p31ECMPH3FjexNOm8L-UrZ5gmO6a8NWaltv8Bp1S6lJXOdCRqMyjB5Zk6qJNj9Q7VflQwBeSisTyPxVKRyw2C1GqreZer77-9jFA6bMyeakaZi_Wdx210fZ-w-XGRyOZKpC3DtqRw2pU
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGz5HL8hR6BS%2BTf%2FZKVWZP6a9NushEd%2FaHaY5TT0BD39k2v2wUqYeoKVh8jC3QYY2%2FSzPZfSFWCyHxNeKsWQBKK0XlEqXmDsOkLyW90TQpzK6ptaOOLPJM5apgSeYggMAFmsVqs6RDvv%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8411c8eedc726a75-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFprt5z0xPNtLuaID2Y9U80&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame B514
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAhFmyDnB5CyxHhmIfEMjr8&google_cver=1

43 B
1011 B

31ms
31ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAhFmyDnB5CyxHhmIfEMjr8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQY_pTo7QEwAQ&v=APEucNXupweFDWuxG6q06bexMhobzNFLZfQeABxInD4p31ECMPH3FjexNOm8L-UrZ5gmO6a8NWaltv8Bp1S6lJXOdCRqMyjB5Zk6qJNj9Q7VflQwBeSisTyPxVKRyw2C1GqreZer77-9jFA6bMyeakaZi_Wdx210fZ-w-XGRyOZKpC3DtqRw2pU

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
an-x-request-uuid: 485c1019-2ce9-4298-9d82-907eee766b5d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.29; 217.114.218.29; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAhFmyDnB5CyxHhmIfEMjr8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B514
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2OTkyMTgzOTkyNDk4MjUwMg%3D%3D

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2OTkyMTgzOTkyNDk4MjUwMg%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:09 GMT
an-x-request-uuid: 336c025a-94c5-45e9-b222-26e096d2f938
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI2OTkyMTgzOTkyNDk4MjUwMg%3D%3D
x-proxy-origin: 217.114.218.29; 217.114.218.29; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF8D 0
20 B 56ms
55ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5251399957964&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF8D 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5251399957964&version=m202309260101&ct=77&x=1&cor=4961071151917812000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AF8D 34 KB
19 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTSIOaO5susk_9sxTCWHZr5nq2qds2UcFOWC0mFrQAebueBmlE-0bQb6_WDImHWq5OLKLb-n1WlOzn4ZFsaXcX_nqTEWJpCEdEui0XyGydt8AZIWl3wTTP1ZBgtb69szqA50_463B38tGwdgnw9rEXhim_f9LKsFQdFSk_hze6JiaTrEc&cry=1&dbm_d=AKAmf-BKnxk-s8d8hHDW_7NjnKGAeKo47G6d1NHka0rL5dNDRIA6OipdcYLMzds3BYRsybhVMa0Hs-9VWYGEJQMdd255PJpt5gfOESN3Zopuu6roLPkc-upDpEcAPfE8XfBkxv95hVG51U-O_AvINf5gpDZ4IdIJLK5QGUQtuLvf3qx2Lg54SDTAqXBf9o0JjTu2o0Yi_XiNrtY_x99J-gKNwVEHvItUZWSAJUoinao_QuLYQXfEkogIFpHZSSgz3Z76Wo4O4Z3vzs5DLZJczS_P8tOhHHz5TG42eqk2gyVhz1sTTyypyOOgOVelZsX3-zHgpU_UZIHbk88ZdtroE9rqxHsHjOiUqbq4_5drldzqZKAiai5iXu4Xl8acq84N0KEEC73pJBTukwsQvz7HqulWlB9ftqNeECRX1vT4QpPPAoSSkRH-qKPJrY7Gg8OvHy47hTGjtVz6FYocRIw5ltB-3F_OWpqJHIn-_IK0-x1kKs86JhAGSatUVRlNoRe57gdP_8qvp4NbDYA0w_GBqELj2x4pmiPlhC0nfT5tdUPs4MLqjwORkZqolVGk80rSDlz01dZ-zGwEHyNDlNKytvs02wY2jJsmtg5cI8agNdCLSiJm0vX_WcpcewbLs6I34q2j_hpwgm7NU8-BNROths9svyxAPbqEynVccvEAQ7DI6zFOX4zcLTUY908_3VF9vorl2t6G1VEIiOy1eQ3Cd-UcOCvnoSSLAyol6S2cb24h-pOidH14l2pdyY6nyrx9nM1Xqq3hQlw3h9vAYMwz0B3_e-hJxl0Y2MFIaQbqw0UHGXWoGvjMaMmB84WygC4oI1E2t4sd54rl_BeoxTFb2HkmWf8ejHXXBeyHC_ahgX7vfbM0qu78f3bRBRNe5Scf0PyNc78yxGM0l_wgEqzDlEiSIObaTCF5y_fyuzywDALSMYxwTndNjAGNErQimknk2gxUVEHg5gVN8HriH_yn_hJmg7qk7T43fAJegLK5G4LGj_1mM00Qy4G0_avg6E9HgJdidt657aB_iRFV2Al9s7617y4Cu8fxgjqgZNEtq16GYuOzQsElJwm3nn8PUAMQfrEk1Q0vxJKaRLNAa7h1KG0iAbaBvoquPPLGIfkHL2mWxB57mrSdKLNzsT_QLhBZIYHplSaMJ9xnr8K2J1zm6NFGCtFyLa9hMW2s6V2zKooBLcem9lo_GKU4zn3OmyPlS6MsMBpy8DYYaNM2qrCuSX1mq3CFOxxeQsqgm8MKIRDaLd7CFZjDHOT7G7pfev448T6Js5gDPlC_f23LqpGPfOMInR8YB7RqU0AP5yX7Sa_mZEkpP_GeIPXhjHSCmP7G2u4brsNvRz2WhhvYt05J3GAa679vPNp-3HaG5VzFOfgwsaGmyT4WasTMGCX9NFcrIjFh7BFZB887fcBmFUdgsPC0sadQjf-y8Ot0Rqavbuz8FeRirOz260JYNYXI3OndOXHJHTGKTk90OWsuyuLX5k8OAtuiyOyKnTm0WtaBxmliB5e1r7_6ncOqu1dxK_piQ48VtlHwTKq5ZB_6wAExJyqZfXPG7uzKOlSK_7qTTy0Yupz9HcIPzuFrzcG1s21ydZH3H1EtVimo-_HzyNXd-q85ERjEPBWtNXY8yfUYAkQAbTd4p7bc68oG4UGKijrVuLRdnnuJaoRtuZ_RchV6xjckp1-pPQXY7C7vSocrpb7xmFaorOhPJxz9hi04PQQNE30gpTj2pp671g9bdHGLgEkxz0cAH-N6eT63Gy7Kmr83v-RJLgeFB-3ikqhvHWMvvreXZtuUDxI7Cngsj0jfqOSqs6ylydSiWN1eJkXeHctdzo3brAwCiUIXiiX6ZyasaEzQ89h-dTHfaXSjlCBlVvroMKhk3mQ8PnmFdsQ010xw25ybgpMlWDCw6EI871EBqtUSwWgrGymzE_V7m6Jj4bppvzsAfYZQmcNYMWgiOtxyqM8QqpftGISOzYMXUGdm-0TVMXYlYb_0qg65-uugTZnVGC3eikOeBq03i2n97AU1HtHtpSjeK83xi0Ambeg6TE-qiOMlZE6Pg5baaf0XExWrWwA3JMuThSfIPLMn3hKLvCDjIjTQVRQfhNX0SSjBDzlpICb_QrcqO1jCmDO6uTjfN9I6qm1-FG6Y_M5YW7e0oNiJ5WHS8iubnPAn_7jmYTUAx_fvR2paIrmfH8F4FBe5bP-a8ZmFqH90Tob2wUSxFNptSnGvo0FjCimNTxatpD_UmfaBwUgVxnkLyT7hU2rFpZTsh2ROzulyIcftCPXJKi7WtS61YEYPPS_jdQ0m3IMFNo4o7dEwQIVKUfNi2_afc2TCVqOavY-Ii-1WSISF23VbiT7nx83FwBaAJLCq7LnkFMZU8nEDDwjx8TxOVPUsWNXohosPgVVhqs4Zp3msapss0vQHyxsjUcpDfVm3UMibygX0pBwJAFt3SO2PR4MfSg9YOgs9hxv1O1TD-iQOmEtTe0-8l0_3PErvE-VvTwCjuSfeBmeIr7XlZEwHaFOLLNixYUMDgQUZqF5CqrM92N1IToqhasEocSA6-NuiQyqhJ9f9RLVa31s6APbkgecMFySh4FJrQHH4wIgh1CrMe2xQU3tWWHemdnLB4fXmr2jJQznL7LM5TCEYLgNkw7A5-BXEN5McJ3tv9NS0JM1U4PDMx0G14H-lr3RkJq-pLfBFrFc09yFq232L2NxgsRV6VyDAvfKbS9VBNDCpHqrcB6NJOIR-S36EGm5t8zvYn2TZKxh-y-1wH3OXpIBpolx101L6CZXIe3AmosG0vWPRCLjjErTJI416pugkGIKnqomWqRrxow0pblACQ833qIXux7sQMMpNoAD2yxnprqV71tEV9Z4IS_lQtkR60vu4qYaSk3fhO-QsQ1i4IBuphMwHKHEdqFXsgWosl2nsKepHUGXZmidgfaXrf5as39MTQvc54NwDbuAd_7H41AdoZMBljXJcI1rxAq35gh2j4DD8Ok-FK8PCcWBbTKyqEnRwbSfSYvp1GbQnmUaT3ASEt3OwxSOSMy2g3p11L8k82yNOVdXLt6c-vZd_7PXZ0TmMetaCvL_uxB9BlOmptKQxy2zcyItXK2RXdgtwVqd4gH8v8VW8U_fBikZ_lrXq0wAF8Uk2gcUxFNFWgGN3v0Dpmf9pvXCNa43bB-GqrxjMxl75ugWAz9amrm9XNhCGcQ9lpplp0XtW2eUnC7Rjo1rbVG5PLhypKebxhd7LmKHpZsrXu2ahED6a-zElVlzFZ1NaK2haSCUxbESbhRhNaZWgaYN-dU4WP8rMvlh_aY-5bCw-ex21-W3XeIyMgjnH220NDv75bz1vjrTumncVxBzuFjcplKOrk3DjgknTFN5lHdk4vg3OVDOz7z2vHmc_fdFezDY0DuCm2-s5-Fzp9BcD_Ode2zhCeXWAbBUQ1n9mZsUWOpBMY3VvJVtBFJn_nQ8V8IDZwo4Tu8p_RIM0f783ncXS2B3Od2js_QyERXY__Ri3Gx6xDpVim-m2ADKNEINO-fEcgPGnZV88G9DiyIw5dGrLbBi6P-T-DNKpP3dQif4WMgNGNcQG-298hW_NsLisU_78wqmQgPgMXT0i1admgQyiYzJYlWxBdNBGttRYK1Lunm61nUVbsT9U4_Dx26bU-X9IKliVw1JTgyNYpsU3YrsdSkqB7MHUp1Ejj3RYR_4M0t2W867gg3TpRPcx1-MUWdB3Yc7IldKC_igDTTTrudGVhGAxHqsnlhO-lyPbAmskVOn8CuDRjmghHYKm1BFAKBqGVc42_3SObE0Cqk1F3XwyPBvjiEHOv8v91DvqsctCDNcQZgu2pNd4lKBs2GbrB9QrXabWJi-iHaWvoX04Ow_Rf_jN3DYcw-5MueVHPoY4aMKUrVr4crC2aMzTRrqIEfCCRZaVavimLtWrZdH-jt5yO-k1WJljGoraC0wznimsqAA7xT9qtCqUqLvOJecN9-Y305_RirDdJDbFg3ZgiZfnmJDeTGoCDCMazoeLOsgS6VLY2mMaMsEvECHcOfKm5oB0W8jx4Hr1PjXIcjvtsAtgnZry7xdM8oyEYtIv5RlR1GMBWjK4zWw&cid=CAQSPAAvHhf_pOp5Ta-_Y90ZUcltzCqnpvhBVtVYoDXjQ42T57szEpYMszSkUTjNGUZrGc8L3zQMmzJsfZRo0hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.otempo.com.br%2F&ds=l&xdt=1&iif=1&cor=4961071151917812000&adk=2228999114&idt=110&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64689924c252c5f78503e1ac6f1f92ddfba2cd448bcad60ca4452781fa220be1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19605
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 85D2 8 KB
6 KB 62ms
61ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98d643f22eafd2b0c8aaf376a69b60682838119181fe9db8de8c3c74b8c0246a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5852
x-xss-protection: 0

GET
H3 200 0_noimage.gif
s0.2mdn.net/4528404/ Frame 85D2 54 B
77 B 22ms
21ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/0_noimage.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16c98584b72f73a64ee22a1d59be1b62571672811dfd34600cb0dda265f8f491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:23:26 GMT
x-content-type-options: nosniff
age: 63884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 15:30:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 12:23:26 GMT

GET
H3 200 Agata_Mars_Motiv_1_Selfie.png
s0.2mdn.net/4528404/ Frame 85D2 4 MB
4 MB 26ms
25ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/Agata_Mars_Motiv_1_Selfie.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ccbba7dd5aca9535deee804349133034d9e0e2172596287655fc0fb96ca737b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:47:00 GMT
x-content-type-options: nosniff
age: 26470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047585
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 13:00:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 22:47:00 GMT

GET
H3 200 congstar-stoerer_gb-plus_big_lila.svg
s0.2mdn.net/4528404/1688648407429/ Frame 85D2 5 KB
2 KB 24ms
24ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1688648407429/congstar-stoerer_gb-plus_big_lila.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2d84570d037eab308bcb515a7ba9ce502da0d072895c1ba7a3876f6d7910373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 20:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2211
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 13:00:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 20:43:31 GMT

GET
H3 200 logo-v3.svg
s0.2mdn.net/4528404/1687523401859/ Frame 85D2 5 KB
2 KB 23ms
23ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687523401859/logo-v3.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6369e4c9740249c8c46083cfdd770877932dbf76e3ba6ffc9caf226cfa4b8dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 18:50:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40641
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1853
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 18:50:49 GMT

GET
H3 200 cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 85D2 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 03:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9492
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 07:30:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jan 2024 03:29:58 GMT

GET
H3 200 congstar-stoerer_gb-plus_small_lila.svg
s0.2mdn.net/4528404/1688648402398/ Frame 85D2 2 KB
1 KB 27ms
27ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1688648402398/congstar-stoerer_gb-plus_small_lila.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cc53e2b17047493e459e5fabde8f3efdd79de048e6fe885f77fcb070234e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 20:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1000
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 13:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 20:43:31 GMT

GET
H3 200 logo-d0d80991.svg
s0.2mdn.net/sadbundle/8126095561676425865/ Frame 85D2 5 KB
2 KB 27ms
26ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8126095561676425865/logo-d0d80991.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 00:27:15 GMT
date: Fri, 05 Jan 2024 00:27:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 16:29:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame AF8D 31 KB
12 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTSIOaO5susk_9sxTCWHZr5nq2qds2UcFOWC0mFrQAebueBmlE-0bQb6_WDImHWq5OLKLb-n1WlOzn4ZFsaXcX_nqTEWJpCEdEui0XyGydt8AZIWl3wTTP1ZBgtb69szqA50_463B38tGwdgnw9rEXhim_f9LKsFQdFSk_hze6JiaTrEc&cry=1&dbm_d=AKAmf-BKnxk-s8d8hHDW_7NjnKGAeKo47G6d1NHka0rL5dNDRIA6OipdcYLMzds3BYRsybhVMa0Hs-9VWYGEJQMdd255PJpt5gfOESN3Zopuu6roLPkc-upDpEcAPfE8XfBkxv95hVG51U-O_AvINf5gpDZ4IdIJLK5QGUQtuLvf3qx2Lg54SDTAqXBf9o0JjTu2o0Yi_XiNrtY_x99J-gKNwVEHvItUZWSAJUoinao_QuLYQXfEkogIFpHZSSgz3Z76Wo4O4Z3vzs5DLZJczS_P8tOhHHz5TG42eqk2gyVhz1sTTyypyOOgOVelZsX3-zHgpU_UZIHbk88ZdtroE9rqxHsHjOiUqbq4_5drldzqZKAiai5iXu4Xl8acq84N0KEEC73pJBTukwsQvz7HqulWlB9ftqNeECRX1vT4QpPPAoSSkRH-qKPJrY7Gg8OvHy47hTGjtVz6FYocRIw5ltB-3F_OWpqJHIn-_IK0-x1kKs86JhAGSatUVRlNoRe57gdP_8qvp4NbDYA0w_GBqELj2x4pmiPlhC0nfT5tdUPs4MLqjwORkZqolVGk80rSDlz01dZ-zGwEHyNDlNKytvs02wY2jJsmtg5cI8agNdCLSiJm0vX_WcpcewbLs6I34q2j_hpwgm7NU8-BNROths9svyxAPbqEynVccvEAQ7DI6zFOX4zcLTUY908_3VF9vorl2t6G1VEIiOy1eQ3Cd-UcOCvnoSSLAyol6S2cb24h-pOidH14l2pdyY6nyrx9nM1Xqq3hQlw3h9vAYMwz0B3_e-hJxl0Y2MFIaQbqw0UHGXWoGvjMaMmB84WygC4oI1E2t4sd54rl_BeoxTFb2HkmWf8ejHXXBeyHC_ahgX7vfbM0qu78f3bRBRNe5Scf0PyNc78yxGM0l_wgEqzDlEiSIObaTCF5y_fyuzywDALSMYxwTndNjAGNErQimknk2gxUVEHg5gVN8HriH_yn_hJmg7qk7T43fAJegLK5G4LGj_1mM00Qy4G0_avg6E9HgJdidt657aB_iRFV2Al9s7617y4Cu8fxgjqgZNEtq16GYuOzQsElJwm3nn8PUAMQfrEk1Q0vxJKaRLNAa7h1KG0iAbaBvoquPPLGIfkHL2mWxB57mrSdKLNzsT_QLhBZIYHplSaMJ9xnr8K2J1zm6NFGCtFyLa9hMW2s6V2zKooBLcem9lo_GKU4zn3OmyPlS6MsMBpy8DYYaNM2qrCuSX1mq3CFOxxeQsqgm8MKIRDaLd7CFZjDHOT7G7pfev448T6Js5gDPlC_f23LqpGPfOMInR8YB7RqU0AP5yX7Sa_mZEkpP_GeIPXhjHSCmP7G2u4brsNvRz2WhhvYt05J3GAa679vPNp-3HaG5VzFOfgwsaGmyT4WasTMGCX9NFcrIjFh7BFZB887fcBmFUdgsPC0sadQjf-y8Ot0Rqavbuz8FeRirOz260JYNYXI3OndOXHJHTGKTk90OWsuyuLX5k8OAtuiyOyKnTm0WtaBxmliB5e1r7_6ncOqu1dxK_piQ48VtlHwTKq5ZB_6wAExJyqZfXPG7uzKOlSK_7qTTy0Yupz9HcIPzuFrzcG1s21ydZH3H1EtVimo-_HzyNXd-q85ERjEPBWtNXY8yfUYAkQAbTd4p7bc68oG4UGKijrVuLRdnnuJaoRtuZ_RchV6xjckp1-pPQXY7C7vSocrpb7xmFaorOhPJxz9hi04PQQNE30gpTj2pp671g9bdHGLgEkxz0cAH-N6eT63Gy7Kmr83v-RJLgeFB-3ikqhvHWMvvreXZtuUDxI7Cngsj0jfqOSqs6ylydSiWN1eJkXeHctdzo3brAwCiUIXiiX6ZyasaEzQ89h-dTHfaXSjlCBlVvroMKhk3mQ8PnmFdsQ010xw25ybgpMlWDCw6EI871EBqtUSwWgrGymzE_V7m6Jj4bppvzsAfYZQmcNYMWgiOtxyqM8QqpftGISOzYMXUGdm-0TVMXYlYb_0qg65-uugTZnVGC3eikOeBq03i2n97AU1HtHtpSjeK83xi0Ambeg6TE-qiOMlZE6Pg5baaf0XExWrWwA3JMuThSfIPLMn3hKLvCDjIjTQVRQfhNX0SSjBDzlpICb_QrcqO1jCmDO6uTjfN9I6qm1-FG6Y_M5YW7e0oNiJ5WHS8iubnPAn_7jmYTUAx_fvR2paIrmfH8F4FBe5bP-a8ZmFqH90Tob2wUSxFNptSnGvo0FjCimNTxatpD_UmfaBwUgVxnkLyT7hU2rFpZTsh2ROzulyIcftCPXJKi7WtS61YEYPPS_jdQ0m3IMFNo4o7dEwQIVKUfNi2_afc2TCVqOavY-Ii-1WSISF23VbiT7nx83FwBaAJLCq7LnkFMZU8nEDDwjx8TxOVPUsWNXohosPgVVhqs4Zp3msapss0vQHyxsjUcpDfVm3UMibygX0pBwJAFt3SO2PR4MfSg9YOgs9hxv1O1TD-iQOmEtTe0-8l0_3PErvE-VvTwCjuSfeBmeIr7XlZEwHaFOLLNixYUMDgQUZqF5CqrM92N1IToqhasEocSA6-NuiQyqhJ9f9RLVa31s6APbkgecMFySh4FJrQHH4wIgh1CrMe2xQU3tWWHemdnLB4fXmr2jJQznL7LM5TCEYLgNkw7A5-BXEN5McJ3tv9NS0JM1U4PDMx0G14H-lr3RkJq-pLfBFrFc09yFq232L2NxgsRV6VyDAvfKbS9VBNDCpHqrcB6NJOIR-S36EGm5t8zvYn2TZKxh-y-1wH3OXpIBpolx101L6CZXIe3AmosG0vWPRCLjjErTJI416pugkGIKnqomWqRrxow0pblACQ833qIXux7sQMMpNoAD2yxnprqV71tEV9Z4IS_lQtkR60vu4qYaSk3fhO-QsQ1i4IBuphMwHKHEdqFXsgWosl2nsKepHUGXZmidgfaXrf5as39MTQvc54NwDbuAd_7H41AdoZMBljXJcI1rxAq35gh2j4DD8Ok-FK8PCcWBbTKyqEnRwbSfSYvp1GbQnmUaT3ASEt3OwxSOSMy2g3p11L8k82yNOVdXLt6c-vZd_7PXZ0TmMetaCvL_uxB9BlOmptKQxy2zcyItXK2RXdgtwVqd4gH8v8VW8U_fBikZ_lrXq0wAF8Uk2gcUxFNFWgGN3v0Dpmf9pvXCNa43bB-GqrxjMxl75ugWAz9amrm9XNhCGcQ9lpplp0XtW2eUnC7Rjo1rbVG5PLhypKebxhd7LmKHpZsrXu2ahED6a-zElVlzFZ1NaK2haSCUxbESbhRhNaZWgaYN-dU4WP8rMvlh_aY-5bCw-ex21-W3XeIyMgjnH220NDv75bz1vjrTumncVxBzuFjcplKOrk3DjgknTFN5lHdk4vg3OVDOz7z2vHmc_fdFezDY0DuCm2-s5-Fzp9BcD_Ode2zhCeXWAbBUQ1n9mZsUWOpBMY3VvJVtBFJn_nQ8V8IDZwo4Tu8p_RIM0f783ncXS2B3Od2js_QyERXY__Ri3Gx6xDpVim-m2ADKNEINO-fEcgPGnZV88G9DiyIw5dGrLbBi6P-T-DNKpP3dQif4WMgNGNcQG-298hW_NsLisU_78wqmQgPgMXT0i1admgQyiYzJYlWxBdNBGttRYK1Lunm61nUVbsT9U4_Dx26bU-X9IKliVw1JTgyNYpsU3YrsdSkqB7MHUp1Ejj3RYR_4M0t2W867gg3TpRPcx1-MUWdB3Yc7IldKC_igDTTTrudGVhGAxHqsnlhO-lyPbAmskVOn8CuDRjmghHYKm1BFAKBqGVc42_3SObE0Cqk1F3XwyPBvjiEHOv8v91DvqsctCDNcQZgu2pNd4lKBs2GbrB9QrXabWJi-iHaWvoX04Ow_Rf_jN3DYcw-5MueVHPoY4aMKUrVr4crC2aMzTRrqIEfCCRZaVavimLtWrZdH-jt5yO-k1WJljGoraC0wznimsqAA7xT9qtCqUqLvOJecN9-Y305_RirDdJDbFg3ZgiZfnmJDeTGoCDCMazoeLOsgS6VLY2mMaMsEvECHcOfKm5oB0W8jx4Hr1PjXIcjvtsAtgnZry7xdM8oyEYtIv5RlR1GMBWjK4zWw&cid=CAQSPAAvHhf_pOp5Ta-_Y90ZUcltzCqnpvhBVtVYoDXjQ42T57szEpYMszSkUTjNGUZrGc8L3zQMmzJsfZRo0hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.otempo.com.br%2F&ds=l&xdt=1&iif=1&cor=4961071151917812000&adk=2228999114&idt=110&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 14:47:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 14:47:36 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AF8D 41 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43382
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDUyMTI5MDAzMDg3MQogIHNlcnZlcl9pcDogMTI2MDYwMzg1CiAgcHJvY2Vzc19pZDogMTIyNDk3OTk0Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA1ODU5Nzc0...
ad.doubleclick.net/ddm/activity/ Frame AF8D 0
862 B 138ms
57ms Image
image/png 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDUyMTI5MDAzMDg3MQogIHNlcnZlcl9pcDogMTI2MDYwMzg1CiAgcHJvY2Vzc19pZDogMTIyNDk3OTk0Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA1ODU5Nzc0CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly92b2RhZm9uZS5kZSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiA4CmV2ZW50X2ltcHJlc3Npb25faWQ6IDE0MDI3MzMzMjU1NTI4MTk1NDA5CmRlYnVnX2tleTogMTQ4ODI0NzE0MjQyNjUxNjUzOTYKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTA2IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTg1OTc3NAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM2ODk2MTIxNwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTIxMDkxNDg4NwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDUzNjM0NTExOQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQ5ODczMTY0NgogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly92b2RhZm9uZS5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL290ZWxvLmRlIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xa5bd6579d1f5aacc0000000000000000","13":"0xbf2385005437b4ba0000000000000000","14":"0xe1005aadf84cf8950000000000000000","15":"0x84513083ec5ef9bf0000000000000000"},"debug_key":"14882471424265165396","debug_reporting":true,"destination":"https://vodafone.de","event_report_window":"345600","expiry":"691200","filter_data":{"14":[],"21":[],"8":["5859774"]},"priority":"0","source_event_id":"14027333255528195409"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame AF8D 37 KB
17 KB 147ms
31ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=65396891;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20536345119&extPm=20536345119&extCr=498731646&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CLiLsSe6YZdfKINaG7_UP4dWToAvx77asc7f_--qFEs_Xor3AARABIKDY5H5glYKAgJQHoAGGx5i3KcgBCakCEw_QOdxbsj6oAwHIA5sEqgSpAk_QUw8mPUgZZxKbwn8p-112ZWo1wZgla2dUn6abRFxs5jXL_9MJGggWl_t1qpropTWZW0tFSZ10U6DcfGQmNupOD6F7T4j5My-_oyTdPPm-2jZF2wSHxDIWRedytz9QHRWfEJDekjK6t5SaMyZuUVws5Gn-F8LyJ1FeRQ0JSQqTvzD-RnStWsePP48_ODuXXDC3Rs1oAy9CHB4288ShGb2LMAtl6Ed1Y4tcFMp3UPS5DlFHycUwPZf1aY0pwCrFNk2P4yQFLelQSd5BjMYoaa_sNKQ0vkU89i8QceggQ0O3EvjhLnPMH1Z-SaaJyZuWHBKsYXHv7CuVcVRnPDWVBdsLlqSt8EXHeyxAV7sXJDZ8gcjW9m-J66z1mdXxdZB6RFKz1_umw38BLMAEx86157wE4AQDiAWfhL_ATJAGAaAGTYAHhv_olgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljs0LXPjMiDA4AKA5gLAcgLAYAMAaIMCCoGCgS7u7ECqg0CREXiDRMI1Pm1z4zIgwMVVsO7CB3h6gS0sBP2vZQW0BMA2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSPAAvHhf_pOp5Ta-_Y90ZUcltzCqnpvhBVtVYoDXjQ42T57szEpYMszSkUTjNGUZrGc8L3zQMmzJsfZRo0hgB&sig=AOD64_1N80S6IGerj0DYMyL-ZbySRxQ_Pw&client=ca-pub-4253883158590606&dbm_c=AKAmf-CCNAWxZs_kA9bazZRSoYXTvLkSmAhdw2Ywq2JwzJznaSP1fAIIfWfypGB_RUy_yr6AoortNE0IgQt_q9rD7G7-dK1mDVCUW2vbb-JzN_VJubJ4n1Br1MSLdQuh22c_j-hW5_3_GY-mDJqjCQGVE3WqhGFgOT7gITeueNxymnt8JL0r3R8&cry=1&dbm_d=AKAmf-Cz5t5ZyxjtXd8a6iF7byBNhsbiMm_2cIekdQWig7EcqlU_6qpvEWcE3GaZmt6-fbwyOAfFl07FrCs1idOZflsMF-J5m5myXhCamWJI1tbD6pjzn4A5P2rr_6d3FYLffu8A1EPGGko-op4sTksdNaxyvh13I02VaIbAEVJBt5nm0kRhB3yZesHWXVQr02VaXHGDoy4Hbfkvduy_Sy1rGNGq8xO2gFIhQXvDyocoYHVDat5vB8OxLXBzzeXyd1TUN99Vi_fX-jQy02xBNbwA2l1Kqe39_brt34xdrUwC8RAftPRPp9k2bOiQj70LSv-ieYk1NuEVfhxl_vYY4JPQEjBM1zt7z955oMvSF_o_3D80_i9H157tkVtnvGlUAHIWECiuK4ibL98S_pEea4dC7Kl6drMI3xIBjDGvcoX2XyF9HSq9TtXLdRJaIkXY8qLy1iyx1qvdGkOyOkb-kQ4MlkaxIiz8BrhuKOnZJFr9DdHHFx1lrKvgBpJP83Z5l_yqcrMUWUlePQ5ujmsDS7BS_C6f9A36FRdAnHwDdObYPfbKEhA3ZMxOcs5JjstJRnsu_SqHKL99&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 294c654fb3f1e0a0ddd534a1581185ad9482112c5ce7b9a3d08313fcf2ee1106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:10 GMT
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 10:28:27 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 05 Jan 2024 17:45:08 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 85D2 17 KB
6 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Jan 2024 06:08:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=2229837715234212&bg=!4-Cl4K_NAAY3kmNgF5I7ADQBe5WfOGCP_ZVbFxFSbffWKKLhcUc8bX_FNI3nb-BqZUX2h6xvqfuWBxCvDX2TckoDHb9DAgAAAEpSAAAAAWgBB5kCxK9l3PMFR8bYnNaz-tOGhciyG_xQs82ySTR2sEWSB0-wewHv-HYgtxG3NiefIb_isPzA-sdM3s_OjwJ3Ma0EYbUtS7UmM5Lh6zlqfzrGoZInZ-nf3Xhvae7oj8geoBX19y_PSOGE65HGE2Q7jrNV4A1nnmGk6xzHgUJt-Lm1c08Oxgs4l9R3ZxnClLYtfIHcW_Rd967CFbCOhXrykuLEDb0gafLZNZ0BRylGQiznQiHWWoU0mxl9GbGoejnRFo9kvHxNbaB3ZshGG68d4agZDYdPjADgiUfDE-9Wivc8yiqjUI5EXgz5IpMMDuqKgwZXtylfkFLUORyJwqSdOvH8Hqnb4D3DwTflCdmVLH2scOoY08v7n6ov_efXLuzJJSZWRJ8cP3j_xHHRnU36zyFpaS78MaAg93iBQ6FRgOafOnn8Ol5FUn8ASrtrBcB2ZSx4YJXE-vLSGxeN5xEK0pg6Hv06MdkkL-NfBxUZCPBROAdQOD1i3xfUIW8OlOACQMwoof2byaoNcIJV66Is-jnAZUXUc0KGCRP_G_zXB85vC5lgtV-tpVv8-EqUqjXVuPmSYpBGL2eGFoOYRn2JWmbGa6ZFKuV-qQgFJZCEExOf7vzcNULTHAvNqWhh1yTQfoemq2G2nV04SOvVL3ZjkGt8qsXshGMJ0P9Mp10zBl63fYP0sA8SZ521L0ln4xqyXqYJf201kSTUyrUXraYeU2WTsyJpKcssmubeUy84ofGL13w1O9ojWGut8NOEQmWjlRN1c2YbewVPUrOGmtGSZqWYFoLlvWRURqEz7Sm1TiZVdfwbxCYN4fiRkehYKXIO0FMcfslW7_zQQPmulHsLaKE7-WErnqepPRJpwcmPbfA7sGEZ0QvTMpQGnAIo5dKLIXabS_y7MEI8d1PpQcr0oDOnKgGHnly-rclRTSg8T45abUoThw3LOA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5C1D 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 332572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 09:45:18 GMT
expires: Wed, 01 Jan 2025 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C1D 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 22:48:15 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 65E6 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 22:48:15 GMT

GET
H3 200 InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 85D2 14 KB
14 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8126095561676425865/index-be1f7599.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index-be1f7599.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 05:53:36 GMT
x-content-type-options: nosniff
age: 874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14644
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 06:08:36 GMT

GET
H3 200 0_noimage.gif
s0.2mdn.net/4528404/ Frame 85D2 54 B
77 B 19ms
19ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/0_noimage.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16c98584b72f73a64ee22a1d59be1b62571672811dfd34600cb0dda265f8f491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:23:26 GMT
x-content-type-options: nosniff
age: 63884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 15:30:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 12:23:26 GMT

GET
H3 200 Agata_Mars_Motiv_1_Selfie.png
s0.2mdn.net/4528404/ Frame 85D2 4 MB
4 MB 20ms
19ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/Agata_Mars_Motiv_1_Selfie.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ccbba7dd5aca9535deee804349133034d9e0e2172596287655fc0fb96ca737b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 22:47:00 GMT
x-content-type-options: nosniff
age: 26470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047585
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 13:00:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 22:47:00 GMT

GET
H3 200 congstar-stoerer_gb-plus_big_lila.svg
s0.2mdn.net/4528404/1688648407429/ Frame 85D2 5 KB
2 KB 20ms
20ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1688648407429/congstar-stoerer_gb-plus_big_lila.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2d84570d037eab308bcb515a7ba9ce502da0d072895c1ba7a3876f6d7910373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8126095561676425865/index.html?e=69&leftOffset=0&topOffset=0&c=U5CcpKhnmr&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 20:43:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2211
x-xss-protection: 0
last-modified: Thu, 06 Jul 2023 13:00:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Jan 2024 20:43:31 GMT

GET
H2 200 dc_oe=ChMIhKTqz4zIgwMVM_K7CB0uCg0VEAAYACDp4INdQhMIjovIz4zIgwMVHqP9Bx0glwkV;dc_eps=AHas8cCNPR4D1vR1rKFA1a92fiuWYqquC31cEBMyhX_haP14MJrna2TiZFalOT5J2J7lF9wkxoXFe6M;stragg=1;&timestamp=1704521290228;s...
ade.googlesyndication.com/ddm/activity/ Frame 0799 42 B
107 B 134ms
56ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhKTqz4zIgwMVM_K7CB0uCg0VEAAYACDp4INdQhMIjovIz4zIgwMVHqP9Bx0glwkV;dc_eps=AHas8cCNPR4D1vR1rKFA1a92fiuWYqquC31cEBMyhX_haP14MJrna2TiZFalOT5J2J7lF9wkxoXFe6M;stragg=1;&timestamp=1704521290228;str=nextSlide;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIhKTqz4zIgwMVM_K7CB0uCg0VEAAYACDp4INdQhMIjovIz4zIgwMVHqP9Bx0glwkV;dc_eps=AHas8cCNPR4D1vR1rKFA1a92fiuWYqquC31cEBMyhX_haP14MJrna2TiZFalOT5J2J7lF9wkxoXFe6M;stragg=1;&timestamp=1704521290229;s...
ade.googlesyndication.com/ddm/activity/ Frame 0799 42 B
401 B 132ms
55ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
297 B 118ms
118ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.otempo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.otempo.com.br
Date: Sat, 06 Jan 2024 06:08:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame AF8D 2 KB
1 KB 109ms
18ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623171&plc=65396891&sid=1366186&dvregion=0&unit=970x250&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1623171&auorder=1432631&aucrtv=59389633&auadid=1366186&c6=1447160&c8=&auplc=4933189&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-KIP_all_funnel_Tracking_PER&c3=RT_PD_F-215-kip-all-PRE-Tracking&c4=kip_verfuegbarkeitscheck_230612_1940x500&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=DV360_AO_AL_3rd_BNR_CM_kip-all-tracking
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sat, 06 Jan 2024 06:08:10 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Dec 2023 15:12:34 GMT
Server: UploadServer
ETag: "a8006a511aee2e57196f5e8bee81dde8"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Sun, 07 Jan 2024 06:08:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C1D 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZyzJSu6YZZfxAeGOjuwP5-uOyAQAAAAAOAHgBAI&bg=!y8ilyIfNAAY3kmNgF5I7ADQBe5WfOLx7Ni1S2H3dJTWArVhP8KO40aPxeN9xe9Md67cjUeGxWhAu4qtW24dMltDyjIqxAgAAAFxSAAAAAWgBBwoAMwkbRYSGzEINERaj2ZXo49hsp4W3IJRwRRDaTEKbKRJ_Fk4YZU2UYPa3K7Zx0HUmtyea-JkDB8PN9pvEbBecwLiLkPECgmE83Aag_napmgz5BVdwqFmev77_4YnpYGryrZ3lZGygNV3TWILXQ4-tjdpfQtrtQSA7u91KwMdrQwFo_ZrGkTjqPZ_J5WRNdEqHL3iaklyc1yI3wiNqADBqnilTLJRPkgOUoyevQl0JIg0hTZUNth43jG8lk5TOzEo2hhyeQq5HYzKAQ6pDDwhe6VnJlUg7GgvUxakaDVKir-1B0HuC4BlsXohjpx89Q0bSHEWDoAv4Yl50jYo6F0SU9QL7x5RjnPY8Oe1EQjpQpnafZI16VtCfmTJiFuVuFUffMREWOYpsGVvIEjQg9HZ8f2jZ2T534LiUL04xuXLGpNjaelSHVzMrJONLzfD1IOULRBx-c9Hp7fQBJ-Jm7BeyRyw879oc6DJwNdiPP1m7gqfuGSSzHZ79tgTmr_4BDuEu-8D6Z3d-DCGTg0XrQKrx_4uNMZZDQVPSkeB4kgs-camCVtu1MWsi_4qEetGdsZO2og8Q_4D9TbP6xDE-zaC52LYFdlGKuJU_vCYoDdJA8fnQkKopkEAR5jAMqU3EzwotSKeWbm4eCIw15oLgg9G1dWEQfFKN3df1Rgt0JEHPgBA2lyk3SjyEc1aWEeKCAxKR4vWDkkNlSSJxyKjTUg_h75wdxdLxdQw-MsPYmMiCj1EgD53PIHFoYATm7uvQgn8z_aJ3ekn_iQSrrJgJiHEy2pip-F2-2iYyNbMqAeQKr67TacfMbhdulnSEBrbxNV9DIwmZwsEWN44F8SGXsxuktPzZ8vDBfXOcaEyJ4NWtJOW5EC1qFRkZClkD-C6VZMSb51yyO_ckRIijkGW_NZ8KflmPAzV4kE-FzEFfjbE2jOlXJF9OGcDOlghMkN64o6DOkO-Ogh2U-VgockPZFoGi20LZwbkVtFU12RUWJE-pMvMIj9NSbgPwhuhL9buogVyWwAwcw2HMcD82KpyXPICR674Wo8h_g9W3dggUkvbzlYHT-UU1mquu5m77xqJKcCJg3DyLv9hmzIyXrxrePxE

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal125.js Show response
cdn.doubleverify.com/ Frame AF8D 60 KB
20 KB 19ms
19ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623171&plc=65396891&sid=1366186&dvregion=0&unit=970x250&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1623171&auorder=1432631&aucrtv=59389633&auadid=1366186&c6=1447160&c8=&auplc=4933189&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-KIP_all_funnel_Tracking_PER&c3=RT_PD_F-215-kip-all-PRE-Tracking&c4=kip_verfuegbarkeitscheck_230612_1940x500&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=DV360_AO_AL_3rd_BNR_CM_kip-all-tracking
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: a7e081ac2862a2c9fe794a716293c201eb0cc90623edfe349438c3af8f58ca6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sat, 06 Jan 2024 06:08:10 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Dec 2023 15:12:36 GMT
Server: UploadServer
ETag: "8188d451e0a669939fa9ed400c00d127"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19695
Expires: Sun, 05 Jan 2025 06:08:10 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame AF8D 680 B
714 B 263ms
40ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_500373148279&jsTagObjCallback=__tagObject_callback_500373148279&num=6&ctx=11655933&cmp=1623171&plc=65396891&sid=1366186&advid=&adsrv=&unit=970x250&isdvvid=&uid=500373148279&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=120&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=1623171&aucrtv=59389633&auorder=1432631&auplc=4933189&auadid=1366186&aufilter1=165376&autt=1&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-KIP_all_funnel_Tracking_PER&c3=RT_PD_F-215-kip-all-PRE-Tracking&c4=kip_verfuegbarkeitscheck_230612_1940x500&c5=Doubleclick+DBM&c6=1447160&c7=Doubleclick+DBM+(Media)&c10=DV360_AO_AL_3rd_BNR_CM_kip-all-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=5&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=172&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%40E6%3EA%40%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%40E6%3EA%40%5D4%40%3E%5D3CTar9EEADTbpTauTau7fg%605he3g427d%605dhbhe_a%60h6_bfcb3a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=4.00&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_500373148279
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: d9f8ab84ae9f7209e356b3af4d5c68d46e94a49f9171658a2c3607cc1bebb687

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Jan 2024 06:08:10 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 01/05/2024 06:08:10

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame AF8D 0
345 B 394ms
28ms Ping
text/plain 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=838da05b6e30443aa7eb31a38786a6e0&vfdur=264&cbust=1704521290669825
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
Pragma: no-cache
Date: Sat, 06 Jan 2024 06:08:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2024-01-05T06:08:11

GET
H2 200 DV_GlobalPassback_Update_970x250.jpg
cdn.pathtosuccess.global/ Frame AF8D 115 KB
115 KB 388ms
23ms Image
image/jpeg 2600:9000:2490:8400:19:8ca6:3640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pathtosuccess.global/DV_GlobalPassback_Update_970x250.jpg
Requested by: Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:8400:19:8ca6:3640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1165aab0094ed2411579eeb149c033d97f73e5dcdb116f40eab65d3e82d94bcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:12:00 GMT
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified: Wed, 17 May 2023 17:51:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 6972
x-amz-server-side-encryption: AES256
etag: "7e480c97f9008854b4c2e336777e97f0"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 117466
x-amz-cf-id: cErP_NrLG-u_sdCS-hJ73-rZzW5QecVFJws4cVwy6qFpGZpKhEW8aA==

GET
H2 204 / Show response
track.adform.net/adfserve/ Frame AF8D 0
456 B 32ms
32ms Script
text/plain 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=65396891;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20536345119&extPm=20536345119&extCr=498731646&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CLiLsSe6YZdfKINaG7_UP4dWToAvx77asc7f_--qFEs_Xor3AARABIKDY5H5glYKAgJQHoAGGx5i3KcgBCakCEw_QOdxbsj6oAwHIA5sEqgSpAk_QUw8mPUgZZxKbwn8p-112ZWo1wZgla2dUn6abRFxs5jXL_9MJGggWl_t1qpropTWZW0tFSZ10U6DcfGQmNupOD6F7T4j5My-_oyTdPPm-2jZF2wSHxDIWRedytz9QHRWfEJDekjK6t5SaMyZuUVws5Gn-F8LyJ1FeRQ0JSQqTvzD-RnStWsePP48_ODuXXDC3Rs1oAy9CHB4288ShGb2LMAtl6Ed1Y4tcFMp3UPS5DlFHycUwPZf1aY0pwCrFNk2P4yQFLelQSd5BjMYoaa_sNKQ0vkU89i8QceggQ0O3EvjhLnPMH1Z-SaaJyZuWHBKsYXHv7CuVcVRnPDWVBdsLlqSt8EXHeyxAV7sXJDZ8gcjW9m-J66z1mdXxdZB6RFKz1_umw38BLMAEx86157wE4AQDiAWfhL_ATJAGAaAGTYAHhv_olgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljs0LXPjMiDA4AKA5gLAcgLAYAMAaIMCCoGCgS7u7ECqg0CREXiDRMI1Pm1z4zIgwMVVsO7CB3h6gS0sBP2vZQW0BMA2BMN2BQB0BUB-BYBgBcB&ae=1&num=1&cid=CAQSPAAvHhf_pOp5Ta-_Y90ZUcltzCqnpvhBVtVYoDXjQ42T57szEpYMszSkUTjNGUZrGc8L3zQMmzJsfZRo0hgB&sig=AOD64_1N80S6IGerj0DYMyL-ZbySRxQ_Pw&client=ca-pub-4253883158590606&dbm_c=AKAmf-CCNAWxZs_kA9bazZRSoYXTvLkSmAhdw2Ywq2JwzJznaSP1fAIIfWfypGB_RUy_yr6AoortNE0IgQt_q9rD7G7-dK1mDVCUW2vbb-JzN_VJubJ4n1Br1MSLdQuh22c_j-hW5_3_GY-mDJqjCQGVE3WqhGFgOT7gITeueNxymnt8JL0r3R8&cry=1&dbm_d=AKAmf-Cz5t5ZyxjtXd8a6iF7byBNhsbiMm_2cIekdQWig7EcqlU_6qpvEWcE3GaZmt6-fbwyOAfFl07FrCs1idOZflsMF-J5m5myXhCamWJI1tbD6pjzn4A5P2rr_6d3FYLffu8A1EPGGko-op4sTksdNaxyvh13I02VaIbAEVJBt5nm0kRhB3yZesHWXVQr02VaXHGDoy4Hbfkvduy_Sy1rGNGq8xO2gFIhQXvDyocoYHVDat5vB8OxLXBzzeXyd1TUN99Vi_fX-jQy02xBNbwA2l1Kqe39_brt34xdrUwC8RAftPRPp9k2bOiQj70LSv-ieYk1NuEVfhxl_vYY4JPQEjBM1zt7z955oMvSF_o_3D80_i9H157tkVtnvGlUAHIWECiuK4ibL98S_pEea4dC7Kl6drMI3xIBjDGvcoX2XyF9HSq9TtXLdRJaIkXY8qLy1iyx1qvdGkOyOkb-kQ4MlkaxIiz8BrhuKOnZJFr9DdHHFx1lrKvgBpJP83Z5l_yqcrMUWUlePQ5ujmsDS7BS_C6f9A36FRdAnHwDdObYPfbKEhA3ZMxOcs5JjstJRnsu_SqHKL99&adurl=;js=1;adfxid=1x;6319;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Fwww.otempo.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FEF8 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 20:39:54 GMT
etag: 48472445140208031
expires: Sat, 06 Jan 2024 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AF8D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f667223d4209098d113d2657a898cf1c0ff480312daf3c69b6eb1129cdbd7cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0799 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2383749160936&version=m202309260101&ct=76&x=1&cor=18284272244834658000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame FEF8 0
104 B 214ms
114ms Image
text/plain 2a02:fa8:8806:21::1690
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHdqT3oKv374WSwm16-OQxU&google_cver=1&google_push=AXcoOmSRUFFH9uNBY7kUdt-GuCK288Rm4KIqu6DrzVkjk-67pNlxBGMgo-whS791ac0GH_OdqzGvtpiKD_58SfuxjLWU8-sC0IVY
Requested by: Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:11 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame FEF8
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEB3ZHErQPfVUiqoz66TYlvA&google_cver=1&google_push=AXcoOmSBDGYgxC4ALDRmNPiNSu6kv9A8SiibYKMU-b4ZhzBKm7N9reclZK2Ih7b2hTRb6WaSv6jFJ5Sl6STpiYclPJpu64xhquuU&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3ZHErQPfVUiqoz66TYlvA&google_cver=1&google_push=AXcoOmSBDGYgxC4ALDRmNPiNSu6kv9A8SiibYKMU-b4ZhzBKm7N9reclZK2Ih7b2hTRb6WaSv6jFJ5Sl6STpiYclPJpu64xhquu...

43 B
422 B

187ms
170ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3ZHErQPfVUiqoz66TYlvA&google_cver=1&google_push=AXcoOmSBDGYgxC4ALDRmNPiNSu6kv9A8SiibYKMU-b4ZhzBKm7N9reclZK2Ih7b2hTRb6WaSv6jFJ5Sl6STpiYclPJpu64xhquuU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSBDGYgxC4ALDRmNPiNSu6kv9A8SiibYKMU-b4ZhzBKm7N9reclZK2Ih7b2hTRb6WaSv6jFJ5Sl6STpiYclPJpu64xhquuU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:11 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8411c8f6c9084d85-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:11 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 464
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB3ZHErQPfVUiqoz66TYlvA&google_cver=1&google_push=AXcoOmSBDGYgxC4ALDRmNPiNSu6kv9A8SiibYKMU-b4ZhzBKm7N9reclZK2Ih7b2hTRb6WaSv6jFJ5Sl6STpiYclPJpu64xhquuU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSBDGYgxC4ALDRmNPiNSu6kv9A8SiibYKMU-b4ZhzBKm7N9reclZK2Ih7b2hTRb6WaSv6jFJ5Sl6STpiYclPJpu64xhquuU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8411c8f5882c4d85-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEF8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlpqdVNBQUFBTGJTTkFPSg==&google_gid=CAESEMxXiIjZFc6logWjr4-uNXc&google_cver=1&google_push=AXcoOmSpi7CNTyY6rbhaqhkzXE5_cjkga5...

170 B
188 B

30ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlpqdVNBQUFBTGJTTkFPSg==&google_gid=CAESEMxXiIjZFc6logWjr4-uNXc&google_cver=1&google_push=AXcoOmSpi7CNTyY6rbhaqhkzXE5_cjkga51ikDax1PN_VKFJ_4zHAUjra78QoF5U8bb8tZaqUB9eFoQQ2mOl3dqhicegTyqgtSo3

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230034-FRA
pragma: no-cache
date: Sat, 06 Jan 2024 06:08:11 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704521291.125481,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlpqdVNBQUFBTGJTTkFPSg==&google_gid=CAESEMxXiIjZFc6logWjr4-uNXc&google_cver=1&google_push=AXcoOmSpi7CNTyY6rbhaqhkzXE5_cjkga51ikDax1PN_VKFJ_4zHAUjra78QoF5U8bb8tZaqUB9eFoQQ2mOl3dqhicegTyqgtSo3
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame FEF8 43 B
363 B 112ms
26ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSClzBquJNWimKUwknLNCHJ1vL26YSzBn36o2laBwj0v4FZN8s7BAQBwSQ_1sv27PFIxFjBMtW_3PNgCWZ_jY3xyUTPWXHi&google_gid=CAESEGvniZSiD_lyu1Jjs5h-W9I&google_cver=1

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:10 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 266988
expires: Sat, 06 Jan 2024 00:00:00 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame FEF8 0
41 B 40ms
38ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFhkuCw5fJb5OMXiBMUNfkU&google_cver=1&google_push=AXcoOmRX6p9K6wNAQ0sp1eV0bs-H-KBOVHNvMLAtzn1n4G2Zi7PmueN3x0qn1-SZsxZmDNESHbTuK8Tvsj9C2EK_eNIOOcZ7yHQ
Requested by: Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 06 Jan 2024 06:08:09 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEF8
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPV-z5GxZ_Dac2zWdeHrthg&google_cver=1&google_push=AXcoOmTMm9feK6MsFGj5jSdc93Ga8QokDk5BJVK95OfRNNU94Pv1WrpKcJlEBoZbUf_Tp5_xttTuioGyFq-N...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTMm9feK6MsFGj5jSdc93Ga8QokDk5BJVK95OfRNNU94Pv1WrpKcJlEBoZbUf_Tp5_xttTuioGyFq-N8goYYtHgZ0Xi6sGZ

170 B
188 B

30ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTMm9feK6MsFGj5jSdc93Ga8QokDk5BJVK95OfRNNU94Pv1WrpKcJlEBoZbUf_Tp5_xttTuioGyFq-N8goYYtHgZ0Xi6sGZ

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTMm9feK6MsFGj5jSdc93Ga8QokDk5BJVK95OfRNNU94Pv1WrpKcJlEBoZbUf_Tp5_xttTuioGyFq-N8goYYtHgZ0Xi6sGZ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FEF8
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBNbk37tiCBxT6hIiaoGV2Y&google_cver=1&google_push=AXcoOmSjNCrQ51ZtPt9kfJMReATTcKa1XF1P3GNVGEy7cKGfgyvgGH62MlFZIn-JJxZAMcx1UVRFeSGlkkzPYGWmVfhtRTtZQwWX
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMzEwODA2NTMxMjMxNTk4OTY3NQ%3D%3D&google_push=AXcoOmSjNCrQ51ZtPt9kfJMReATTcKa1XF1P3GNVGEy7cKGfgyvgGH62...

170 B
188 B

29ms
29ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMzEwODA2NTMxMjMxNTk4OTY3NQ%3D%3D&google_push=AXcoOmSjNCrQ51ZtPt9kfJMReATTcKa1XF1P3GNVGEy7cKGfgyvgGH62MlFZIn-JJxZAMcx1UVRFeSGlkkzPYGWmVfhtRTtZQwWX

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxMzEwODA2NTMxMjMxNTk4OTY3NQ%3D%3D&google_push=AXcoOmSjNCrQ51ZtPt9kfJMReATTcKa1XF1P3GNVGEy7cKGfgyvgGH62MlFZIn-JJxZAMcx1UVRFeSGlkkzPYGWmVfhtRTtZQwWX
date: Sat, 06 Jan 2024 06:08:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FEF8 0
12 B 29ms
27ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDIB3HAED7VcANQmbCiviUFPr2PY4tzV61dxx0sY2yUeZSPoe99d9O3WR_CURVK0XVup4i

Requested by

Host: f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 06:08:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF8D 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5251399957964&version=m202309260101&ct=77&x=1&cor=4961071151917812000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AF8D 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxu6SoPXVj61-BT9pmtmjJ2QKUmKMP2qHBVk4J3MDUkEvhjQzZyCtLdj0QKLq8VgSSrAItjsKeFLiAtUFPRH2YTmwFTv2r3nfOtmwhjrJvzbb5wvq70G2kDPCoyzM0G5eLXkiv1JHaCz4ItwKUuz2Lsv53&sai=AMfl-YTIyQsxfbJOgxbyetpSz1aLDhKTJjdrOyZwwjvvxU4p5BV6KGebng3YmuFczsaStmAFQIPyi9Q-5m_u6m1L_T4EV6N1FAgILHGW9Ce83ZVKIoT_mHHQzJ5UPFD1&sig=Cg0ArKJSzHKDZYYpxO-cEAE&cid=CAQSPAAvHhf_pOp5Ta-_Y90ZUcltzCqnpvhBVtVYoDXjQ42T57szEpYMszSkUTjNGUZrGc8L3zQMmzJsfZRo0hgB&id=lidar2&mcvt=1026&p=132,315,386,1285&mtos=0,1026,1026,1026,1026&tos=0,1026,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1992981104&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704521289859&rpt=1237&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 27ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1VXJ83ESPC&gtm=45je4130v883286285&_p=1704521287821&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1132499905.1704521288&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1704521288&sct=1&seg=0&dl=https%3A%2F%2Fwww.otempo.com.br%2F&dt=O%20TEMPO&_s=2&tfd=7064
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1VXJ83ESPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.otempo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 06:08:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 02:14:17	Name: CLID Value: 1897f67881fd408da1aef51bc0767843.20240106.20250105
.otempo.com.br/	1970-01-21 03:04:41	Name: _ga Value: GA1.1.1132499905.1704521288
.otempo.com.br/	1970-01-21 03:04:41	Name: _ga_F1R8GNWX4Y Value: GS1.1.1704521288.1.0.1704521288.0.0.0
.demdex.net/	1970-01-20 21:47:53	Name: demdex Value: 33892577743377699883579346569103724422
.quantserve.com/	1970-01-21 02:58:55	Name: mc Value: 6598ee48-4966c-514bd-49479
www.otempo.com.br/	1969-12-31 23:59:59	Name: s_cc Value: true
.otempo.com.br/	1970-01-20 17:28:48	Name: ak_bmsc Value: 862CDA8B9BC2337C96D63F077C4BDC6C~000000000000000000000000000000~YAAQjxYwF4EZr9SMAQAAGcti3RYeNlnniPvEy1gIjEYzo2ysA7Y8h+CIZNYJlcH4ZHrpgiIo4G1JlmTpZjiqTm7ED8Szo2QxnxnMZY0VMQ0rDG3+0L5nlZcKNMMup9cM6AkB1g7WKicu4Q5g0t1G1teJmHR+T4oq+BMJGOYouZJdACy9lCO+o7+Bd4xECiu1RIcFkyGT1HPOyPDX47VhFMAHNwYH8ZDr0q/FlbfVEV2qyn47V/i+Gnl8sO2Y82nbPhd93DAuNSAM89jXj397KdbwXIz8oU/3bIj/EPZ3xB1HQMIv6MhWIxnvPDxuxOPgZIoqfaKsEPAxUQpj4ToViwz/+1PXaRB14wDf3exL29fpFXD+jvpIAUcPJny08+rRtDHoLgqdbgkWccI8p5xasc0FrA/daGrFMvlD8au6sy83JA==
.otempo.com.br/	1969-12-31 23:59:59	Name: AMCVS_7AB02190639B302E0A495FA4%40AdobeOrg Value: 1
.otempo.com.br/	1970-01-21 02:53:10	Name: __qca Value: P0-966410739-1704521288117
.otempo.com.br/	1970-01-21 02:14:17	Name: _clck Value: kuvakh%7C2%7Cfi6%7C0%7C1466
.otempo.com.br/	1970-01-21 02:57:29	Name: _cb Value: Cw3afeBYb8_CDZvCg7
.otempo.com.br/	1970-01-21 02:57:29	Name: _chartbeat2 Value: .1704521288755.1704521288755.1.gcEsuDnEug236s_WH676BJfSDa.1
.otempo.com.br/	1970-01-20 17:28:43	Name: _cb_svref Value: external
.everesttech.net/	1970-01-21 02:14:17	Name: everest_g_v2 Value: g_surferid~ZZjuSAAAALbSNAOJ
.otempo.com.br/	1970-01-20 19:38:17	Name: _fbp Value: fb.2.1704521288804.1391405797
.dpm.demdex.net/	1970-01-20 21:47:53	Name: dpm Value: 33892577743377699883579346569103724422
.otempo.com.br/	1970-01-21 03:04:41	Name: AMCV_7AB02190639B302E0A495FA4%40AdobeOrg Value: 179643557%7CMCIDTS%7C19729%7CMCMID%7C24445598298132452264560380014967109800%7CMCAAMLH-1705126088%7C6%7CMCAAMB-1705126088%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1704528488s%7CNONE%7CMCSYNCSOP%7C411-19736%7CvVersion%7C5.5.0
.otempo.com.br/	1970-01-20 17:30:07	Name: _clsk Value: 1ryokmg%7C1704521289228%7C1%7C0%7Cs.clarity.ms%2Fcollect
www.otempo.com.br/	1970-01-20 17:28:43	Name: _gada_ses.6032 Value: *
www.otempo.com.br/	1970-01-21 03:04:41	Name: _gada_id.6032 Value: c674a1a0-5259-473e-82fd-4e6286a1276e.1704521289.1.1704521289.1704521289.b447ff09-e5c1-4b72-831e-80c01b737e35
www.otempo.com.br/	1970-01-20 17:30:07	Name: privAu Value: 0
.bing.com/	1970-01-21 02:50:17	Name: MUID Value: 39FB53BC86996F052803404287336E99
.c.bing.com/	1970-01-20 17:38:46	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:50:17	Name: SRM_B Value: 39FB53BC86996F052803404287336E99
.navdmp.com/	1970-01-21 02:14:38	Name: ac3 Value: 1
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:50:17	Name: MUID Value: 39FB53BC86996F052803404287336E99
.c.clarity.ms/	1970-01-20 17:38:46	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:28:41	Name: ANONCHK Value: 0
.casalemedia.com/	1970-01-20 19:38:17	Name: CMPS Value: 2206
.adnxs.com/	1970-01-20 19:38:17	Name: uuid2 Value: 1269921839924982502
.doubleclick.net/	1970-01-20 21:47:53	Name: APC Value: AfxxVi76C83up9HJ36VVvgPor4OJSqzTBNpxUNukO4qnGqqalcfEhQ
.casalemedia.com/	1970-01-21 02:14:17	Name: CMID Value: ZZjuSXXOYchA-UmQGIgjsQAA
.casalemedia.com/	1970-01-20 19:38:17	Name: CMPRO Value: 2167
.navdmp.com/	1970-01-21 03:04:41	Name: nid Value: 13edf75d03fd2867f3dc6dd2f210\|1\|36
.otempo.com.br/	1970-01-21 02:14:17	Name: nvg67531 Value: 13edf75d0368282949c89a6b2910\|0_7
.3lift.com/	1970-01-20 19:38:17	Name: tluid Value: 1213108065312315989675
pixel.rubiconproject.com/	1970-01-20 19:38:17	Name: receive-cookie-deprecation Value: 1
.yahoo.com/	1970-01-21 02:14:38	Name: A3 Value: d=AQABBEnumGUCED4aGzV4SGJhEZTjZ8yej90FEgEBAQE_mmWiZeAOyiMA_eMAAA&S=AQAAAoYMAntOA4A-ZKuQshmLBJg
.doubleclick.net/	1970-01-21 02:50:17	Name: IDE Value: AHWqTUnrQgYkcr4EQBwBni2CeSLu0vJarrI-2lnT2C4dFoZO3tngjNGsl9MgevBdTaY
.otempo.com.br/	1970-01-21 02:50:17	Name: __gads Value: ID=e0c93a3783de2fec:T=1704521288:RT=1704521288:S=ALNI_MaVE5lcpxelEQJR8zQBDCVJOMkAQw
.otempo.com.br/	1970-01-21 02:50:17	Name: __gpi Value: UID=00000d3a1b157c64:T=1704521288:RT=1704521288:S=ALNI_MarzuWXI2ShqFI_RLJHhwBi1fEEGA
.otempo.com.br/	1970-01-21 03:04:41	Name: _ga_1VXJ83ESPC Value: GS1.1.1704521288.1.0.1704521289.59.0.0
.adform.net/	1970-01-20 18:13:19	Name: C Value: 1
.adform.net/	1970-01-20 18:55:05	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:04:41	Name: XANDR_PANID Value: ynxRIiSDw9f0jPuNeS3My6zH3w5-WWbivctDKxoEmJdpc_5-5rEk7zPdnBK8kjsZN1eow60OwCv55n0htYWD3OT0rYEyDhXIPi657y8s6HQ.
.adnxs.com/	1970-01-20 19:38:17	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$OpSK%!]tbPl1M>e)ZlrFUfJ+tGXxoPP3NTq=>mCLJP'v:buFr]+H'%OyyjqS7YY03If)y3KL9D3I?+GZ('<X
.mathtag.com/	1970-01-21 02:54:36	Name: uuid Value: 26386598-ee4a-4e00-8127-43427589f5ad
m.exactag.com/	1970-01-20 19:38:17	Name: exactag_new_gk Value: 062b21a66ed64461bdd0d9eb88d89f9d%7C06.03.2024%2006%3A08%3A09
m.exactag.com/	1970-01-20 21:47:53	Name: exactag_new_uk Value: 8b352da9adb74716b7f22cf779efef06%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 14db330f8cf24af1aadc9821
.doubleclick.net/	1970-01-20 18:11:53	Name: ar_debug Value: 1
.adform.net/	1970-01-20 18:55:05	Name: uid Value: 3401091733067391331
.tribalfusion.com/	1970-01-20 19:38:17	Name: ANON_ID Value: a2ntuJP3rT7CiAyPqHM6GevEEULsQOLi8rZbfl8tGZbFZdcYJVmcpUGeZdvVM6atTbuuoNpYKYppetMFMGXTkUWBsmbr

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=20536345119&extPm=20536345119&extCr=498731646&rnd=1704521289533847' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aax.amazon-adsystem.com
ad.doubleclick.net
ade.googlesyndication.com
assets.adobedtm.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c.go-mpulse.net
cdn.doubleverify.com
cdn.navdmp.com
cdn.pathtosuccess.global
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
config.aps.amazon-adsystem.com
connect.facebook.net
dclk-match.dotomi.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
f781d96b8caf51d593960219e03743b2.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gadasource.storage.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
ivccf.ivcbrasil.org.br
m.exactag.com
match.360yield.com
onetag-sys.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
rules.quantcount.com
s.clarity.ms
s.go-mpulse.net
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
secure.quantserve.com
securepubads.g.doubleclick.net
sempre.sc.omtrdc.net
sempreeditora.demdex.net
ssum-sec.casalemedia.com
static.chartbeat.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.navdmp.com
sync2.navdmp.com
tag.navdmp.com
tpc.googlesyndication.com
track.adform.net
ups.analytics.yahoo.com
usr.navdmp.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.otempo.com.br
104.18.36.155
108.138.1.25
108.138.36.117
13.248.245.213
130.211.44.5
142.250.184.226
142.250.186.102
142.250.186.66
151.101.194.49
172.217.18.2
178.250.1.9
198.47.127.19
2001:4860:4802:32::36
213.202.235.10
23.35.228.210
23.96.124.68
2600:9000:20c3:5000:6:44e3:f8c0:93a1
2600:9000:2449:ee00:18:1fcd:353:c61
2600:9000:2490:8400:19:8ca6:3640:93a1
2606:4700::6810:ef3
2606:4700::6812:18ad
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:801::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::201b
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:400c:c00::9c
2a02:26f0:1700:391::11a6
2a02:26f0:3500:12::1730:178f
2a02:26f0:3500:12::1730:17b0
2a02:26f0:3500:587::1e80
2a02:26f0:480:9::210:ee0e
2a02:fa8:8806:21::1690
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.75.62.37
34.235.12.81
34.253.139.156
34.254.208.131
35.186.253.211
37.157.2.247
37.157.5.133
37.252.171.149
51.89.9.252
52.13.15.187
52.208.197.4
52.222.253.136
63.140.62.22
68.219.88.97
69.173.144.165
00964050fc1aec50f8dbfec60fd6b6a846c3918d2420118516cf08c7591335f5
01a42fcc183a758043a55b191cb08f1a101ef2040216960e364847516482d3f7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07eb11875bc1592e487b2d1e5da0594a81fa544ebb33fc966250684daa51f2c1
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0ad19013b225422e85a4c811b929bc8bcacfc4cd955b905d7448ac960127971e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d068359b0e39d4791c39f6381123db00e5e81ef30c4317347421a221fd39a36
0e5e2e0cb02a76fdc1c2b2898474066f73a8fe175de17467cf9481a7c77bf470
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1165aab0094ed2411579eeb149c033d97f73e5dcdb116f40eab65d3e82d94bcb
16c98584b72f73a64ee22a1d59be1b62571672811dfd34600cb0dda265f8f491
17d359ba4a62b0d1b841d49aeb19f2319c3eff5d5f235aab415d97d9a7bed9a2
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
21cc53e2b17047493e459e5fabde8f3efdd79de048e6fe885f77fcb070234e1e
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
294c654fb3f1e0a0ddd534a1581185ad9482112c5ce7b9a3d08313fcf2ee1106
2ae6b9a7363d39b53910012f19c5ad181a0b937292ace5896459ab133a0d8706
2e8a77bedbd6394c2b1714c073f73efefad304a3246327508cfdefb9faa7fbb2
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
3209a1aae8bf44c9b702fab5d7ec4b5036c7f84f7929b67f63ba73445fe64539
3391161336f535a5ff4f2aedb1e54ab211e2f7812ca778dad1735b9505d231bd
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3faaf773caf8fea260664c4dfad9004348e5081516252c7a3e0be0d1ada4be24
41221a11e8ab4ebaf39d229bf38956ff29e080d2a5517f7c86a29e2970823fd0
42b54426d9bcb7ce0d62264a0c8bcae7f492246b29b31086d31474268d9af49a
4349ec6ea54dd9e8f7e0a49ded2f6b4192781bc44856ec36c4d8d423907ca4ed
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
474337004915dfa671031d9720b4b8d07c1c0d12dcbf10bf236be8dbc6fcdfa1
498ce3c53934f9d6bed02c83c42badefda006bcb9b3db3b8319b93290d8a4efd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ccbba7dd5aca9535deee804349133034d9e0e2172596287655fc0fb96ca737b
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d3e264b6d2b9d47f4a5a9699352cd5d008014f59270ded32a1953afe2120078
4df3780f01b2f6c2dfd41f286b828827e4a81aa63d2ec454e168ababdfe4c4aa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e20688aa8c37d0fedd935bf2b1024d0d9329e6bcbe257c9ba617a4084dcd05e
50fc06cd2957894add704f8a84083107be16c1b998e9a18c4e8f2dd4b53b618d
51f85c9bdd957d797de3cffd7aab88e6ed58a762be6dcfdccf7ca5112b60b51f
5286854173e8ebfa92c3226b7df7499754974e6c8a13f85073b413b2a5c4b984
5471dbed799f7a272bce1c6936d7e95cb535007278307b94d0079314ef89832b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56736a0f5369b9ee213d66b858c368cf0f22ffd9b7bac706ff29c26125dc4431
567791ac2471e51cbbac8f4b06ee7901d4eacacb37ec5c04f229b0ecd1e25632
5b5f63cf93eb6c705ad674b48e5451f9fbdc156d43f51b9f709eeb878354f3bb
5bd490ba54c09f9a7d15722160667419324ba780747355d5c87d758680a80b1c
5c1d9eeddee16418ec4c4451eb9c7b3cfee5e2d312858b0f6dbe9493e4b9ecaa
5cf80af7e61d02a794ece86ab464c1993141eb80b70697552dc8f4fe29e1f2a1
60a1e3a892a4aeb05804d5a739e9502616219559482357ed4a74caa8ddef73f5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6369e4c9740249c8c46083cfdd770877932dbf76e3ba6ffc9caf226cfa4b8dfd
63b169efeccc25b559033bcdfd61cd9227aac4b8fa079876408f2948869e7d90
64689924c252c5f78503e1ac6f1f92ddfba2cd448bcad60ca4452781fa220be1
64a5589fa5d5d7ca7d4691fa0ab31f4aacd3544e8287e871585746a29c5a58e1
66194230d6b8b17e45f8d94b1773f6f284b5ad967fbb23e4db9376713c2b507e
6a4eb2856062a6cf65d1a376d06abe39a9bcdcf6644cd1feae9cea8419f5b11b
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
6baaade98569e7808d545deb501c9ea511e5a817be0dd3667480022c64f7a589
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
6d9158a8be907eaaf61aed88a2f3148c8bec552dba99a04cd4d3b39a9930dfc4
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75a010273b781ec393dafd5290ad3eabec474f7e248c4cc868e8d76a1128d348
768b0b2946f231db309560d2478dc1110b09104d5f721020ea2569e313d1f176
795ca227b8f9c8f5091681e8b3669218832c62cf19c4badafe112e87276d3e24
797bfe04734dbc52bb035401b32145bb3840b401b80ca5456e4a55c7855ca7d9
7aad3c528a84c5f8145ab901050c637385dce1619706197cb9a826243def4444
7baf6f85b479631cd9c7403f1b7d4de912759c346eee4651120688dc99ae4bf9
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
87ae44c42e68a7ed868ae9090f863786bc1cff22d6563bf535aaffe3e85a3373
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
899f8bf417ac18c7817e643f1d50d1e5aee2be2307db4f4124f49c345113a10d
8a9804250cc0e0039b709e7d32fa3b4bdaadb401b18ac183de9baf87788e2efb
8af5d3a0092e3efacdd37125f3b9c91a4d1e411b0425667091360c04c28862d3
902cfad560ee84d5dc8b661ca8c0bdcf46ded72f049def89270fe12e9a247d05
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
930fbe29713b2576dcf9687aa4afb6d811bc4a6a6adffb874786ee8a77f57763
936a0c43f3d6717d751839d51372407166b21f6ba23efbc7c3bdb60c00bc8874
95e440153cfe6af91514f6222a4eb89f4bdaee0fbc71bf630165adfd0ccad184
96fa88ea563eb3fdaef309ef8d8227ddc5379e87db2745d6a26e328b0a854599
98686c05c874d1b1267dd4ca23046a8080ace89f2b65880af0d6ad9b845c4d00
98d643f22eafd2b0c8aaf376a69b60682838119181fe9db8de8c3c74b8c0246a
9902ffa931c87416ab009209fcd6cc13e076b940d56ba0f5d6a08de1e5802512
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9dffcabaed223f9df1246c3b2588ce04da46953ab281525b087bf3d373c6d005
9f70c94797aa9dad8de8ca598ae049ca3e39582899e5fc5154dc81b8765f119b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ae50a3e9fb8aeec65b9a1e6a14b2bd87566352d0644f75291221e942394689
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a22ba8ea345fe27744f1d6d544bf31b937234815977423ef68e15470dd5a9976
a2e6b8e6ffa69e5e2ce0da148a7ee9b316f8fd0385ba48f0f1de64518ac3c3c1
a30df51bcb6a32bdbb92abf6b9129c3ce91b0d730158a3803debd8ea355c9333
a31906750d870e54250a4121055bb87b320ddc8d02ca8ffd4c91953535aae6c6
a42f99dadea83adb482467e25ba3b565437ef7d83c62b3fd1b60cd70c4e5c3a2
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a76fcbfb57b8f54928af0b95230b23d0569a864ba8b508275dd099ed14b00390
a7e081ac2862a2c9fe794a716293c201eb0cc90623edfe349438c3af8f58ca6a
a97ef0953444b9262c00201a2e9abf7e02c658a4edcdd5e2555e4757dec96aff
b0b4b8d43f073e8b164f246fc61f41b8261c43ad60f101a3ac189d3cbad3b696
b0b7b6dec30f663101b0e78816b18f674caf3225c616cb9c7aed7865a2c224bd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d84570d037eab308bcb515a7ba9ce502da0d072895c1ba7a3876f6d7910373
b44db8de252974ea42b28acf236afca7617cd4b164a905d9d9bc6185f0216bef
b5597971118118498992ca93621cfafbd2df0f99f1f0810c892bd4e1caf1937d
ba78d932274be6212930b9f13a70300e6623af5bb92802669097033f9a5a9b16
bb213ab6002100e2541d3c45d40e0eeb1252f302945f03dd065a242555cfc291
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8
bdfc3cc939b03ea51378d2dbdeb7ff9d7bdeda9189f45c6e48cff4724b4171f2
be1f75994e53be710e621d9552d7cc796a347e85622acc435325d94e076b6996
c297402d3a50b8f091174ce9afc9190baf0989ddfc69f3fc956d9d2dfc7a8765
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c651d5ed074b026f306c796ec12d61b98c8ba4f0835419338ee0a43fa3fc12ce
c88a0057945c8339c3a7f8d03427f7f8ef7b3dfdb3c8488c763a807d9aaa7b1e
c91351f65833b2e89fa1c4c012b4b8a5fb6ac8c3d19315f9deca4c72c70838e9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcad1de785fffe942b79cee1dbda805556539c8934aed4327addfb843137096
cfcce6fbc676bcdc4c9f2e2cbdd40cee40a4b9066f829f4e9e400cbe142183f2
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d879f00f9bf513149bfd9603f0944508c537698d3c77bf499153fe4111a84228
d988c57783761b485bce7d414b53ba7adee025269218aa7cd9b79802d63a4672
d9f8ab84ae9f7209e356b3af4d5c68d46e94a49f9171658a2c3607cc1bebb687
e02e89d7dfa3ab15773597c97787efeb9895f54e43d1088b158bd4475ee9f6fc
e10e4a5c59d67a39b4def4ec0ae394f63b26fc4964b631730b94ec069c2f7345
e288b1c4b877eb64f60121b0aee5c84574b52ef3c48b0bbe023558e4fb3feb98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e628e44c6c55b106b85f27aa1e47edd3665d8f406585c7c75ff1e23bd0970abe
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e74f4f8b944cdb9791942c185f35ef4587c6c3eff02914d55ba1e435118c9f00
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed9a075704a65857f0b9d4865d82e042bd70431de401079d8d71fab1f8ac7a7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f667223d4209098d113d2657a898cf1c0ff480312daf3c69b6eb1129cdbd7cb7
f8baeab28817473b280863cba09abd1358c8d5182ea5185ec9ad62aa58e393e2
fbf4dbac916cc4aed54e2f31014ef56cc84bb0af0607a6cb1f74e8c7285ed4dd
fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

www.otempo.com.br Open in urlscan Pro 2a02:26f0:3500:12::1730:178f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

219 Requests

90 %HTTPS

51 %IPv6

44 Domains

72 Subdomains

55 IPs

9 Countries

10956 kBTransfer

17691 kBSize

54 Cookies

19 Outgoing links

Page URL History

Redirected requests

219 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.otempo.com.br Open in urlscan Pro
2a02:26f0:3500:12::1730:178f Public Scan

Screenshot
Live screenshot

Full Image

219
Requests

90 %
HTTPS

51 %
IPv6

44
Domains

72
Subdomains

55
IPs

9
Countries

10956 kB
Transfer

17691 kB
Size

54
Cookies

219 HTTP transactions
5 data transactions