www.gazetadopovo.com.br Open in urlscan Pro
2600:9000:20eb:ec00:6:45ad:3580:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.gazetadopovo.com.br.mcas.ms/
Effective URL:
https://www.gazetadopovo.com.br/
Submission Tags: krdtest
Submission: On May 26 via api (May 26th 2021, 3:18:46 am UTC) from JP

Summary HTTP 483 Redirects Links 81 Behaviour Indicators

Summary

This website contacted 80 IPs in 8 countries across 44 domains to perform 483 HTTP transactions. The main IP is 2600:9000:20eb:ec00:6:45ad:3580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.gazetadopovo.com.br.
TLS certificate: Issued by Amazon on December 23rd 2020. Valid for: a year.

This is the only time www.gazetadopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	40.81.121.140 40.81.121.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6ea4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	2600:9000:20e... 2600:9000:20eb:ec00:6:45ad:3580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:515	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a02:26f0:6c0... 2a02:26f0:6c00:298::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
85	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:cf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
36	2600:9000:20e... 2600:9000:20eb:5800:1f:3000:7b80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	13.32.21.4 13.32.21.4	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f03... 2a03:2880:f030:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 9	143.204.202.38 143.204.202.38	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.214.181 143.204.214.181	16509 (AMAZON-02) (AMAZON-02)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
6	2600:9000:20e... 2600:9000:20eb:6a00:12:af17:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:4000:1b:3b3:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.63.12.147 178.63.12.147	24940 (HETZNER-AS) (HETZNER-AS)
9	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	52.217.32.8 52.217.32.8	16509 (AMAZON-02) (AMAZON-02)
1	52.217.193.112 52.217.193.112	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
19	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.21.99 13.32.21.99	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
7	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
12	2606:4700::68... 2606:4700::6811:b8b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f13... 2a03:2880:f130:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	65.9.69.122 65.9.69.122	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	143.204.202.71 143.204.202.71	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:7400:16:bc5f:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
12	99.86.2.119 99.86.2.119	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:de00:4:5c96:9080:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:205... 2600:9000:2057:6800:13:9bf5:7100:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:214... 2600:9000:214f:4000:1d:7626:ce40:93a1	16509 (AMAZON-02) (AMAZON-02)
66	2600:9000:206... 2600:9000:206f:ca00:8:7f48:3500:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:214... 2600:9000:214f:4600:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.229.193.237 18.229.193.237	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:206... 2600:9000:206f:e00:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
17	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3	2804:49c:3403... 2804:49c:3403:2676:ffff:ffff:ffff:6	7162 (Universo ...) (Universo Online S.A.)
1	2804:49c:4208... 2804:49c:4208:405:ffff:ffff:ffff:3	7162 (Universo ...) (Universo Online S.A.)
1	2804:49c:3104... 2804:49c:3104:401:ffff:ffff:ffff:34	15201 (Universo ...) (Universo Online S.A.)
6	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
2	200.187.199.64 200.187.199.64	7162 (Universo ...) (Universo Online S.A.)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	54.72.219.124 54.72.219.124	16509 (AMAZON-02) (AMAZON-02)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
7 10	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4 10	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
8	99.86.2.13 99.86.2.13	16509 (AMAZON-02) (AMAZON-02)
3	3.250.250.79 3.250.250.79	16509 (AMAZON-02) (AMAZON-02)
2	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1	107.22.27.88 107.22.27.88	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4001:c1e::5e	15169 (GOOGLE) (GOOGLE)
1	13.224.195.81 13.224.195.81	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:44::b	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:c072	13335 (CLOUDFLAR...) (CLOUDFLARENET)
483	80

1 40.81.121.140 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.gazetadopovo.com.br.mcas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6ea4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:20eb:ec00:6:45ad:3580:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:515 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.privacytools.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:298::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

scdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

85 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2600:9000:20eb:5800:1f:3000:7b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.21.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-4.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f030:13:face:b00c:0:3 (France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.202.38 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-38.fra53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-181.fra53.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20eb:6a00:12:af17:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:4000:1b:3b3:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

multimidia.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.12.147 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de715.cxense.com

scomcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.32.8 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

gdp-prd-data.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.193.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.21.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-99.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v3.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.69.122 (United States)

ASN16509 (AMAZON-02, US)

3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-71.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:7400:16:bc5f:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

infograficos.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 99.86.2.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-119.fra6.r.cloudfront.net

events-api.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:de00:4:5c96:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)

comments.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2057:6800:13:9bf5:7100:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.semprefamilia.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:4000:1d:7626:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.umdoisesportes.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 2600:9000:206f:ca00:8:7f48:3500:93a1 (United States)

ASN16509 (AMAZON-02, US)

json.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:214f:4600:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.229.193.237 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-229-193-237.sa-east-1.compute.amazonaws.com

apps.gazetadopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:e00:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2804:49c:3403:2676:ffff:ffff:ffff:6 (Brazil)

ASN7162 (Universo Online S.A., BR)

t.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:4208:405:ffff:ffff:ffff:3 (Brazil)

ASN7162 (Universo Online S.A., BR)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3104:401:ffff:ffff:ffff:34 (Brazil)

ASN15201 (Universo Online S.A., BR)

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10162-1.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 200.187.199.64 (Brazil)

ASN7162 (Universo Online S.A., BR)
PTR: 200-187-199-64.static.uol.com.br

s.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.219.124 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.184.194 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.86.2.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-13.fra6.r.cloudfront.net

live-tag.bannersnack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.250.250.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.27.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

stats.bannersnack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4001:c1e::5e (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-81.fra2.r.cloudfront.net

stats-api.bannersnack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:44::b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5edne7.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:c072 (United States)

ASN13335 (CLOUDFLARENET, US)

f.hubspotusercontent00.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
144	gazetadopovo.com.br www.gazetadopovo.com.br media.gazetadopovo.com.br assets.gazetadopovo.com.br multimidia.gazetadopovo.com.br infograficos.gazetadopovo.com.br events-api.gazetadopovo.com.br comments.gazetadopovo.com.br json.gazetadopovo.com.br apps.gazetadopovo.com.br Failed	2 MB
85	google-analytics.com www.google-analytics.com	78 KB
42	doubleclick.net 7 redirects stats.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net	266 KB
37	googlesyndication.com pagead2.googlesyndication.com 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com tpc.googlesyndication.com	177 KB
25	google.com www.google.com news.google.com play.google.com adservice.google.com	69 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	288 KB
12	tinypass.com experience.tinypass.com cdn.tinypass.com buy.tinypass.com api-v3.tinypass.com	288 KB
10	bannersnack.com live-tag.bannersnack.com stats.bannersnack.com stats-api.bannersnack.com	2 MB
10	casalemedia.com 4 redirects dsum-sec.casalemedia.com	9 KB
10	jsuol.com.br tm.jsuol.com.br me.jsuol.com.br	98 KB
9	scorecardresearch.com 4 redirects sb.scorecardresearch.com	9 KB
8	2mdn.net s0.2mdn.net	118 KB
7	adsafeprotected.com 1 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	110 KB
7	semprefamilia.com.br www.semprefamilia.com.br	108 KB
7	google.de www.google.de	531 B
6	tailtarget.com tt-10162-1.seg.t.tailtarget.com b.t.tailtarget.com t.tailtarget.com	2 KB
6	googleapis.com fonts.googleapis.com imasdk.googleapis.com	307 KB
5	dynad.net t.dynad.net s.dynad.net	53 KB
4	gvt1.com 1 redirects redirector.gvt1.com r5---sn-4g5edne7.gvt1.com	20 KB
4	googletagservices.com www.googletagservices.com	137 KB
4	uol.com.br tm.uol.com.br tracker.bt.uol.com.br	3 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	amazonaws.com gdp-prd-data.s3.us-east-1.amazonaws.com s3.amazonaws.com 3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	351 KB
3	facebook.com www.facebook.com	263 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	65 KB
3	azureedge.net mcasproxy.azureedge.net	71 KB
2	hubspotusercontent00.net f.hubspotusercontent00.net
2	umdoisesportes.com.br www.umdoisesportes.com.br	1 KB
2	facebook.net connect.facebook.net	96 KB
2	cxense.com scdn.cxense.com scomcluster.cxense.com	28 KB
2	privacytools.com.br cdn.privacytools.com.br	22 KB
1	google.ch adservice.google.ch	799 B
1	twitter.com analytics.twitter.com	658 B
1	t.co t.co	454 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	cloudfront.net d335luupugsy2.cloudfront.net	413 B
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	navdmp.com tag.navdmp.com	3 KB
1	googletagmanager.com www.googletagmanager.com	62 KB
1	jquery.com code.jquery.com	30 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	mcas.ms www.gazetadopovo.com.br.mcas.ms	841 B
0	Failed function sub() { [native code] }. Failed
483	44

	Domain	Requested by
85	www.google-analytics.com	www.gazetadopovo.com.br www.google-analytics.com me.jsuol.com.br
66	json.gazetadopovo.com.br	www.gazetadopovo.com.br
36	media.gazetadopovo.com.br	www.gazetadopovo.com.br buy.tinypass.com
19	www.gazetadopovo.com.br	www.gazetadopovo.com.br
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.gazetadopovo.com.br.mcas.ms 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com srcdoc googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com googleads.g.doubleclick.net
12	events-api.gazetadopovo.com.br	www.gazetadopovo.com.br gdp-prd-data.s3.us-east-1.amazonaws.com
11	securepubads.g.doubleclick.net	tm.jsuol.com.br securepubads.g.doubleclick.net
10	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
10	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
9	tm.jsuol.com.br	www.gazetadopovo.com.br tm.jsuol.com.br tm.uol.com.br www.gazetadopovo.com.br.mcas.ms
9	www.google.com	www.gazetadopovo.com.br tpc.googlesyndication.com 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
9	sb.scorecardresearch.com	4 redirects www.gazetadopovo.com.br.mcas.ms www.gazetadopovo.com.br
9	fonts.gstatic.com	fonts.googleapis.com news.google.com
8	live-tag.bannersnack.com	08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com live-tag.bannersnack.com
8	s0.2mdn.net	www.gazetadopovo.com.br.mcas.ms imasdk.googleapis.com 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com s0.2mdn.net
7	www.semprefamilia.com.br	www.gazetadopovo.com.br
7	play.google.com	www.gstatic.com
7	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com
7	news.google.com	www.gazetadopovo.com.br news.google.com www.gstatic.com
7	googleads.g.doubleclick.net	www.googleadservices.com 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com www.gazetadopovo.com.br.mcas.ms
7	www.google.de	www.gazetadopovo.com.br
6	pubads.g.doubleclick.net	imasdk.googleapis.com
6	www.gstatic.com	news.google.com www.gstatic.com
6	assets.gazetadopovo.com.br	www.gazetadopovo.com.br
6	stats.g.doubleclick.net	www.google-analytics.com
4	www.googletagservices.com	securepubads.g.doubleclick.net 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
4	08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	fonts.googleapis.com	www.gazetadopovo.com.br buy.tinypass.com s0.2mdn.net live-tag.bannersnack.com
3	r5---sn-4g5edne7.gvt1.com
3	static.adsafeprotected.com	08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
3	tt-10162-1.seg.t.tailtarget.com	tm.jsuol.com.br
3	t.dynad.net	www.gazetadopovo.com.br.mcas.ms
3	tm.uol.com.br	tm.jsuol.com.br www.gazetadopovo.com.br.mcas.ms
3	www.facebook.com	www.gazetadopovo.com.br connect.facebook.net
3	experience.tinypass.com	www.gazetadopovo.com.br cdn.tinypass.com
3	mcasproxy.azureedge.net	www.gazetadopovo.com.br.mcas.ms mcasproxy.azureedge.net
2	f.hubspotusercontent00.net	live-tag.bannersnack.com
2	csi.gstatic.com	imasdk.googleapis.com
2	dt.adsafeprotected.com	08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.gazetadopovo.com.br.mcas.ms
2	fw.adsafeprotected.com	1 redirects 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
2	imasdk.googleapis.com	s.dynad.net imasdk.googleapis.com
2	b.t.tailtarget.com	tm.jsuol.com.br
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	s.dynad.net	t.dynad.net
2	www.umdoisesportes.com.br	www.gazetadopovo.com.br
2	comments.gazetadopovo.com.br	www.gazetadopovo.com.br
2	3wf9o7mmzc.execute-api.us-east-1.amazonaws.com	gdp-prd-data.s3.us-east-1.amazonaws.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	www.gazetadopovo.com.br.mcas.ms connect.facebook.net
2	cdn.privacytools.com.br	www.gazetadopovo.com.br
1	redirector.gvt1.com	1 redirects
1	stats-api.bannersnack.com	live-tag.bannersnack.com
1	stats.bannersnack.com	live-tag.bannersnack.com
1	t.tailtarget.com
1	adservice.google.ch	securepubads.g.doubleclick.net
1	api-v3.tinypass.com	cdn.tinypass.com
1	tracker.bt.uol.com.br	www.gazetadopovo.com.br.mcas.ms
1	me.jsuol.com.br	tm.jsuol.com.br
1	apps.gazetadopovo.com.br	www.gazetadopovo.com.br code.jquery.com
1	cdn.tinypass.com	experience.tinypass.com
1	infograficos.gazetadopovo.com.br	code.jquery.com
1	vars.hotjar.com	static.hotjar.com
1	analytics.twitter.com	static.ads-twitter.com
1	t.co	www.gazetadopovo.com.br
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.gazetadopovo.com.br
1	www.linkedin.com	1 redirects
1	s3.amazonaws.com	code.jquery.com
1	gdp-prd-data.s3.us-east-1.amazonaws.com	www.gazetadopovo.com.br
1	scomcluster.cxense.com	www.gazetadopovo.com.br
1	multimidia.gazetadopovo.com.br	www.gazetadopovo.com.br
1	static.ads-twitter.com	www.gazetadopovo.com.br.mcas.ms
1	d335luupugsy2.cloudfront.net	www.gazetadopovo.com.br.mcas.ms
1	snap.licdn.com	www.gazetadopovo.com.br.mcas.ms
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	tag.navdmp.com	www.gazetadopovo.com.br
1	www.googletagmanager.com	www.gazetadopovo.com.br
1	scdn.cxense.com	www.gazetadopovo.com.br
1	code.jquery.com	www.gazetadopovo.com.br
1	cdn.onesignal.com	www.gazetadopovo.com.br
1	www.gazetadopovo.com.br.mcas.ms
0	json.gazetadopovo.com.brhttps Failed	www.gazetadopovo.com.br
483	85

This site contains links to these domains. Also see Links.

Domain
assinaturas.gazetadopovo.com.br
conta.gazetadopovo.com.br
clube.gazetadopovo.com.br
especiais.gazetadopovo.com.br
www.semprefamilia.com.br
www.umdoisesportes.com.br
pt-br.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
gazetadopovojornais.com.br
www.grpcom.com.br

Subject Issuer	Validity	Valid
*.mcas.ms Microsoft Azure TLS Issuing CA 02	`2021-05-12` - `2022-05-07`	a year	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
*.gazetadopovo.com.br Amazon	`2020-12-23` - `2022-01-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.cxense.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-04-09` - `2022-05-08`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
semprefamilia.com.br Amazon	`2020-11-13` - `2021-12-12`	a year	crt.sh
*.jsuol.com.br Amazon	`2020-10-31` - `2021-11-30`	a year	crt.sh
*.umdoisesportes.com.br Amazon	`2020-10-19` - `2021-11-17`	a year	crt.sh
*.uol.com.br Amazon	`2020-10-01` - `2021-11-02`	a year	crt.sh
*.dynad.net RapidSSL RSA CA 2018	`2020-05-11` - `2022-07-10`	2 years	crt.sh
uol.com GeoTrust RSA CA 2018	`2020-07-30` - `2022-09-28`	2 years	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh
*.google.ch GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
bannersnack.com Amazon	`2020-09-10` - `2021-10-12`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-17` - `2021-06-17`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-05-18` - `2021-07-27`	2 months	crt.sh

This page contains 26 frames:

Primary Page: https://www.gazetadopovo.com.br/
Frame ID: 4167FB45FE6F71AD6BFF471E66514350
Requests: 339 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Frame ID: FE3F9DEE01561DBBC05B260C9E7253F2
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 07366473DB185C9652AE6462E9EE55A8
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450555
Frame ID: 2490903962AF6D3E30395294B6F12671
Requests: 14 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVJXKC2CJJ8Z&offerId=fakeOfferId&experienceId=EXFI1CFBA225&iframeId=offer_07f38ae3b57d5fe8ecea-0&displayMode=modal&widget=template
Frame ID: A04C65C75BAA7E7F40240A3734321E8B
Requests: 10 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: E8F21F238E67782DC9B71AF83100BF95
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: CEE34359DCED10F5B3929B91FBBFBACB
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: 3D95C2B5CC1CF0599DE4B3BC8691A687
Requests: 2 HTTP requests in this frame

Frame: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Frame ID: 1184D67FFD889D6EBF518BA849F30618
Requests: 1 HTTP requests in this frame

Frame: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Frame ID: 366D83C11EF790B5B8D34D877EF768CE
Requests: 10 HTTP requests in this frame

Frame: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 83546AECBCFABC0D4507D1CD0B37417D
Requests: 13 HTTP requests in this frame

Frame: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2FCD844B4A3255B2C5C0323D717C3447
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 15655271678C200D21B46175246A6FE6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 63B6460AEE3CACCE5652FA5AF1003D37
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ25-HuQIYrri8oAEwAQ&v=APEucNV2AXRTeR2lvYZyyUD8JmOR8B_l3HurrplP3uMQ9gXJVLIAabip-HEhOQdv38sIxMSf6hj6zVxXY9k4W2-IZ-PmJA2-Lw
Frame ID: CE9080F3B4C04F17E123F2BD5FC1B1C7
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.461.0_pt_br.html
Frame ID: 2D58D1F7BDBD74314448BBB7E6D1EBAF
Requests: 12 HTTP requests in this frame

Frame: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6D06D6440C354D9A15E033FA54946957
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQ3MDeARil-IqdATAB&v=APEucNVpffC7CKCEkED2glZtBa067ICvG8Bl3d5cXaOkHFP8P3zoI2viqUnvcD7o0iWQIEyxPwb5xNJ7yk82kmfqsBRfHsJi6g
Frame ID: 68EAAE0B59048298F700BAB3E3875058
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4DAAF7558B823CBCB0FDE09D62656A28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYxsa3mAEwAQ&v=APEucNVMmKqWVxxq7wafhvDrBS94NrTDO23-yPh1b3jyEoXRBjTq8iX-N8-Xq7A9Miu6LEM8crAcUT12OtJff_EYEOiUd0UFPA
Frame ID: 01B91A452EA8ABD8E6CCAB3DAB611A68
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D1D9CC2AB42623703BDBE1B005DF67B8
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: FDA5F162A98437E481F05E3D5508AE33
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 81C21C274D4D911D6E25B5CE214C37F6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EE23D5E2A0187C1977443C87890F774F
Requests: 2 HTTP requests in this frame

Frame: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
Frame ID: F3D32C7643E67B5D0DEDD72791EE588B
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16456377359281620914/index.html
Frame ID: 68193980324A8C650DB5267E686FCC49
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.gazetadopovo.com.br.mcas.ms/ Page URL
https://www.gazetadopovo.com.br/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

483
Requests

99 %
HTTPS

65 %
IPv6

44
Domains

85
Subdomains

80
IPs

8
Countries

7064 kB
Transfer

17282 kB
Size

13
Cookies

81 Outgoing links

These are links going to different origins than the main page.

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-topo-gazeta-mobile
Title: Assine

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/leiturometro
Title: Leiturômetro

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-topo-gazeta
Title: assine

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/login?referrer=https://www.gazetadopovo.com.br/
Title: Entrar

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/editar/
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/
Title: Clube Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/painel-das-privatizacoes/?ref=explore
Title: Privatizações

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/reforma-tributaria/?ref=explore
Title: Reforma tributária

Search URL Search Domain Scan URL

URL: http://especiais.gazetadopovo.com.br/por-dentro-do-vale/?ref=explore
Title: Startups

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/?ref=explore
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/?ref=explore
Title: Saúde

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/virtudes-e-valores/?ref=explore
Title: Virtudes e Valores

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/educacao-dos-filhos/?ref=explore
Title: Educação dos filhos

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/previsao-do-tempo/?ref=explore
Title: Previsão do Tempo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/filmes/?ref=explore
Title: Cinema

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/?ref=explore
Title: UmDois Esportes

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/?ref=explore
Title: Athletico

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/?ref=explore
Title: Coritiba

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/parana-clube/?ref=explore
Title: Paraná Clube

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/cartoleiros/?ref=explore
Title: Cartoleiros

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/mauro-cezar/?ref=explore
Title: Mauro Cezar Pereira

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/augusto-mafuz/?ref=explore
Title: Augusto Mafuz

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/carneiro-neto/?ref=explore
Title: Carneiro Neto

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-barcinski/?ref=explore
Title: André Barcinski

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/andre-pugliesi/?ref=explore
Title: André Pugliesi

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/colunas-e-blogs/jones-rossi/?ref=explore
Title: Jones Rossi

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/futebol/tabela-campeonato-brasileiro-2020/?ref=explore
Title: Brasileirão Série A

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/futebol/tabela-campeonato-brasileiro-2020-serie-b/?ref=explore
Title: Brasileirão Série B

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/futebol/tabela-libertadores-2020/?ref=explore
Title: Libertadores

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/premium/?ref=explore
Title: Conheça o Premium

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/politica/presidios-privados-no-brasil/?ref=explore
Title: Presídios Privados

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/?ref=explore
Title: Coronavírus

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/pesquisas-de-aprovacao/?ref=explore
Title: Pesquisas de aprovação

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/?ref=explore
Title: 100 Anos da Gazeta do Povo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/loterias/?ref=explore
Title: Loterias

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/?ref=explore
Title: Todos os especiais

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/dentro-da-lei/?ref=explore
Title: Dentro da Lei

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes-editoriais-gazeta-povo-resumo/?ref=explore
Title: Em Resumo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/100-anos/conviccoes/?ref=explore
Title: Em Vídeo

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/noticias/?ref=explore
Title: Notícias do Clube

Search URL Search Domain Scan URL

URL: https://clube.gazetadopovo.com.br/parceiros/?ref=explore
Title: Descontos do Clube

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/cartao-virtual/?ref=explore
Title: Aplicativo Clube

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/leiturometro?ref=explore
Title: Leiturômetro

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/minha-conta/minha-assinatura?ref=explore
Title: Minha Assinatura

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/
Title: ver tudo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/noticias-por-mensagem/?ref=explore
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://pt-br.facebook.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://twitter.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gazeta-do-povo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/gazetadopovo

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao?key=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJIT01FIn0.eBdJ9L4FA-1dhQuhebhUznQfSM278NGQRO7K0Pr2iiY
Title:

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao#lavajato
Title: LINHA DO TEMPOOs números, os desvios éticos e de conduta que querem apagar da sua memória

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao?key=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJIT01FIn0.eBdJ9L4FA-1dhQuhebhUznQfSM278NGQRO7K0Pr2iiY#podcasts
Title: PODCASTA história da operação Lava Jato, seus principais trunfos e a campanha de desconstrução em áudio

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao#kit
Title: KIT ANTICORRUPÇÃOReceba nossa newsletter e ganhe figurinhas de WhatsApp para compartilhamento

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-vozes-na-gazeta
Title: Leia mais. Assine agora!

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/sera-preciso-revacinar-idosos-que-tomaram-coronavac/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/sera-preciso-revacinar-idosos-que-tomaram-coronavac/#comentarios
Title: 15

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/anticorrupcao/

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/numeros/

Search URL Search Domain Scan URL

URL: https://especiais.gazetadopovo.com.br/coronavirus/parana/?utm_source=gazeta-do-povo&utm_medium=componente-home2&utm_campaign=coronavirus
Title: Veja a média móvel atualizada

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/breves/prefeitura-de-curitiba-amplia-decreto-e-decisao-afeta-jogo-do-athletico/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/breves/prefeitura-de-curitiba-amplia-decreto-e-decisao-afeta-jogo-do-athletico/#comentarios

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/athletico-aspirante-decepcao-destaque/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/athletico/athletico-aspirante-decepcao-destaque/#comentarios
Title: 1

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/boa-fase-copa-do-brasil-sub-20-coritiba-promessas-destaques/

Search URL Search Domain Scan URL

URL: https://www.umdoisesportes.com.br/coritiba/boa-fase-copa-do-brasil-sub-20-coritiba-promessas-destaques/#comentarios

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/comportamento/quando-buscar-advogado-para-fazer-testamento-e-qual-a-importancia-de-se-fazer-um/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/comportamento/quando-buscar-advogado-para-fazer-testamento-e-qual-a-importancia-de-se-fazer-um/#comentarios
Title: 1

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/virtudes-e-valores/empresario-doa-mil-dolares-a-cada-estudante-em-formatura-para-estimular-generosidade/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/virtudes-e-valores/empresario-doa-mil-dolares-a-cada-estudante-em-formatura-para-estimular-generosidade/#comentarios

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/casamento-e-compromisso/recomecar-redescobrir-e-reencantar-manter-a-vitalidade-do-casamento-requer-decisao-diaria/

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/casamento-e-compromisso/recomecar-redescobrir-e-reencantar-manter-a-vitalidade-do-casamento-requer-decisao-diaria/#comentarios
Title: 2

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/saude/sera-preciso-revacinar-idosos-que-tomaram-coronavac/?ref=mais-lidas
Title: Será preciso revacinar os idosos que tomaram a Coronavac? Especialistas explicam

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/por-que-assinar/
Title: Conheça a Gazeta

Search URL Search Domain Scan URL

URL: https://www.semprefamilia.com.br/
Title: Sempre Família

Search URL Search Domain Scan URL

URL: https://conta.gazetadopovo.com.br/editar
Title: Minha Conta

Search URL Search Domain Scan URL

URL: https://assinaturas.gazetadopovo.com.br/?touchpoint=assine-rodape-gazeta
Title: Assine

Search URL Search Domain Scan URL

URL: http://gazetadopovojornais.com.br/
Title: Anuncie

Search URL Search Domain Scan URL

URL: http://www.grpcom.com.br/junte-se-a-nos/
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: http://www.umdoisesportes.com.br/
Title: UmDois Esportes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.gazetadopovo.com.br.mcas.ms/ Page URL
https://www.gazetadopovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621999101637&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1621999101637%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621999101637&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621999101637&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQLhEqqhisoUCAAAAXmmriu7KKXf6fB5Jspw3ArWrFZeg8dHvgafCjPSrTqu2u8qKtFv_x4X

Request Chain 58

https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621999101752&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621999101752&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F

Request Chain 340

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 369

https://sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621999110128&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621999110128&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F

Request Chain 409

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1

Request Chain 410

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YK2.CGrru4Qc-8VyIeAliAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1&google_hm=2

Request Chain 423

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1

Request Chain 424

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YK2.CGrru4Qc-8VyIeAliAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1&google_hm=2

Request Chain 427

https://fw.adsafeprotected.com/rfw/bgd/314658/52815543/xbbe/creative/adj?p=APEucNVyT8h1TbJboIbuJarnRM2nTucaHYxESoOkP-d-wG_wDelcg9w&d=CnkAoCZ_4KCJ40YWea-EHxuUZVp3_QEy6IPv3H8D-igMH7mBUZIPOr4M6wgU3OghvjqWzG8wsBUz_cMABPfNEuF57wB6p_WlawZp39hzu526H1qvUDVba-DD5lAmZcTAg1v4gKgO4WS5l_-tyF5oWrcs-IHDoHWwuvn5EqkSAKAmf-AeuIh91J2SwNd8UMMdPs14Va-CwZvVWRL67xEgSXF98Jc_JkzDs_KxwERe9nbbq3-al6_VW-jLHkQYl99gfVNMJ4-gfdf5UDWptVO2wPUJUkVPHYDOmvzNy6cwdnqJLR2KYWulqAQtwKYLUXJ_iY54Mp9WtgjgacJhwwINoCCLzrvM1N-wnVcN30itu5x1aX959FFWGjJpgq5RIX3XZw0OpX0bwrIhuQAB5IpnQsLNBkGulf7hE6zwSR57jN62wAtNhVXfhfcezrbXrH_QImqNiVmqNICRqX54GV3pt9_LSOuJcViX29qm0eL-DxcR2gjHYSnfweLRGqxY5yplYQdpWBmihOlpMBSJ_WnfrLeCD8EPZD255Tb5pHcsK-SkwEzMzfhq7UeFTFrYdP6ToQsmyzxS5nIXIdBYaaLpzwHFyTP37y5KDFu6Y55tLad4PvNy1i3aPEZgsnqT89btX94CAMQT1rd_IR13_E39oELe5HrhOdxSCdG7a9bGblyq3nHlWoLKuUGi2rIAuiLsldvfqwVCuBCe3BNaA47mr3rv9xALPnr1WyD0oWUqo1lUnKtzgtpef6K54FsX8jr7PKCWvJ9A5qV57gMZgq3dCB1Nh1NUGcVV5BFo7npI-L0O2U7orZ287aErRIAFKOJUc1lJMPJoMZDVREXdZbhi7UDX-xvD6KAcLScMRe3YOiq4UfMqUZiywMXXG0KWkc02olkXsirhjlxmQ0t_g05uGqVpMfrx_PK992lSbyYZWjAdWC-N02iKSk68zc68ONu6QnAHAVwONKMWca1oXCM3U_1rrlw8J0p3sjLmxaBRcKURVxdziH4S6hZb_8Whz79wNYVCqSraw19O05anJm5OCmydQAEYhyMDuofY1Ybq2HZybEJnldcVTS4aIhqKqDHX_4HBr-1QcWbQoV_6hInY-mSsvHBJmgoXrSyjuJHtgJQDidN5BrLknl4xXxpU5clNQCnQIdqNCYKivNNjOwQGJPZbECxWvrjckW857j1adOQqENfyfzEIBFgH6XIRc1s3Y4SGGD3Tcy7WSOZU-2SaoOUP3JarmiGRjg5L8ATzJTdxnJ2ZhLEj35gvJVyXEkYsm9In8LM6rGnnc9IUQJI96a5-E_RlIVjCFiQjYpvzQY-w_gG53d6SVIh3WvqG1sFMnL2ofDBWBM33YgTtDf-eLkf7zuGnESNWuujFR3Oq_tNge3JckbaGNgNg9VaPVPapSlFLnA2WaWwVbXD8KqRXLwucgLzvWAzC22B6cbAI844y8F9XzWu4RNdDVFPy6SpShr7U8LA3wllv_T_IXtwyAMM8kYssxeuCtSPxTF85Jy8_KaUvx7_KiAJpVNU3untrUy9DWA1voW5RelTucygdV8k8Pz3kCjGNYEKlWJ6dO8LB83dLKv1w0p04YNLXKgplQOrWuR_ARA188HlVofQF8MaPI2pvgKEUhze0R2Y74YKeJZak3N9sxJmOmHJRI2a16mn_gD7cDwCgzwTWVIoItUwgSYKumtG13_GXQWHgu64__q4MQU8rmd-Iz2aoxzT7pOaz0rk-EJuAuJuGn_jG0z7MMLdnK3FgqAU2aw3SuEzxajOXOVPid14KGmx58w0iS9nvV1bnO0NRxtPhoziPkuXarxj1tzdxX_ox4TjYzMEOzar0PcQwMFJLgyFj7y_Xqm8KiX0EC11CsSxgequym7803-l6dNvekMlIgAuC2Qu-NPpNxHwdYoOKA9c-8vuyylgYSSE-_ICPrjoixioIDGJuBqSefISJNMxQ82hmTX7IYE_KymT209QjjYHfG4zzBm5eQl1HEqEdCeSxCYb7u1vg5P66lt77heXyvltLg7D-tvJn5QOZnbEX_RDGZnDW28nUq83LOOOb9NDWAi_nA6-D3gW1rGIPXDPnM2BGaqhhVSPJrv7USRs4mNMNMveHwGJ02s5bIwZOvWrkezgwNuxNTx1g6lb8DDvQD5apjbI3LTg_qYlSWRtGwlq1qOOJCn8xxUCN1ohH4G1eMYkVowT3gWItmvLdropxM0u-b6jvj_tAT6afLqlPXMJGEmPb_U8Ta-yG7o80oy9UVt_yvjcUdRvNPqqHtQqGfnwJOVYrnYJ1eoQLqguzZ_Y__pJ-ytxi_4mSm3Qva7Lik7FxJMiBnIbp6UODA74uJp9SmUs2jEVRUx14eIeyKlRWlOsRD7IOwAk03q2QvRsyHeE6FRXtd_-M3qr1iGMtmvac5iMcjMUoyRdrxbAD87kL2bBE5kH_1qCyhlqE0UrIr47Q2GBuEpudUQXPT1YmTwV-o17825g2UDo-afSI2Qs1u_OthSOlQlpmXYR4dsL75v3NazQvpmWQPEXzDI1Npfji183GN6tMgXj7Uv2eRPNrkvQ_LI448bPHSIvC3Zipl_h4faxjnUebaxvbbGeAIzv-oFVnGEVSbY4yGuKLEGwZ2WPl686QgUHO7QiSCFJ3m6IS04xaSUmQbA9LTkiKObo9096oNPnqEa85eaIxTg6eeSPlL38vjptoWGahBPD6brfpCv0285sLthhYErKtAW65tAcLofxMzo6WnET-LKO6rKffCFmUKa6ZZouwxPGzs3kPKHOl9VkJ6Z1vJm59_sPin8KqdJxIiBijjZns3GwAUCM303WG8PKL0kh9vbpfI8iSD5Ij_e_fxAL6NM8FikzX-KpIBEpu34SAltFINJV9onAQWz2XJ5mqZ97xUfdhsBbIvlZGnzjtJPMHoJcb1y9D_DpP1tZrM5zCwrvdOAA3sbso8__NXMiRSECq8PjyLa9LmxCxPuCy9kQlJ3JEWaexuwNA8Tzo836FMES4ZDDu1oPhvdTbrabUQMHv1hoMcFYjYi7ka4gn2E6F7pMxpU6UU7BMzlXsrdTkpig8mJLet3INeVjtXhU1R75Sh2ir7zqh1KgwIL_8OcriwEFPa8h2hvam9h7ogqPFL-8s1sB0SDyfC5fCffiGqxjQw_mpXqJT52W46mYCKa6bsgpWoCj6D4y8CvnSWx83ljyozgR2nfjFRuimEuWEzB480W6rxOsR8i5CNyYZ0UlEbGEdGCZ_RLGx0IMPiASteB8XJBagWknLv5vHYMulfjNsC_FhFPgxv78vJF7NPBwaQQgAEj3kaBWuzHEGmxgW89L2igtcyA-uVycyadDdDO-wUE5bAU_LwcZlBgH7uVUgrAkOm15IRfWFck6YLujtd1DaYAE&adsafe_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:135a92b4-e6ec-61ca-1e7c-bfacc748caa7,c:dGTiEx,sl:na,em:true,fr:false,mn:app19ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:syu2YFB+11%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C183%7C191%7C192%7C1a%7C1b*.314658-52815543%7C1b1%7C1c%7C1d%7C1e1,idMap:1b*,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:79,oid:0c698b97-bdd1-11eb-b6f1-068792706006,v:19.8.205,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_728x90.js

Request Chain 432

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1

Request Chain 433

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YK2.CGrru4Qc-8VyIeAliAAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YK2.CGrru4Qc-8VyIeAliAAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKziHxP4VZ3MOODT8t7Lg8c&google_cver=1&google_hm=2

Request Chain 463

https://redirector.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1622020714/sparams/ip,ipbits,expire,id,itag,source,requiressl,acao,mime,ctier/signature/BB9B82BF446BE2B1F2F943614CDEBDC5862BAB02.492C8017487A40E3C7D25EB21108D25778C3ED8C/key/ck2/file/file.webm HTTP 302
https://r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1622020714/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/1D2860842B5358E7E1C29882C0C465E187415735.34BF96C6FD9CBC5419D013B5B2CEBB750B8A9707/key/cms1/cms_redirect/yes/mh/yt/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5edne7/ms/nvh/mt/1621998986/mv/m/mvi/5/pl/50/file/file.webm

Request Chain 465

https://sb.scorecardresearch.com/p?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621999115314&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1621999115315 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621999115314&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1621999115315

483 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.gazetadopovo.com.br.mcas.ms/ 1 KB
841 B 212ms
42ms Document
text/html 40.81.121.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gazetadopovo.com.br.mcas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.81.121.140 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

6e6ea38b72668f7977a64ff403eb7d185f51228d15749b397ef3ddce7b3b81da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.gazetadopovo.com.br.mcas.ms
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Wed, 26 May 2021 03:18:20 GMT
x-mcas-request-id: cd1fe4e70b2ab99683319ed0287e136a
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
expires: Mon, 01-Jan-1990 00:00:00 GMT
pragma: no-cache
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/0.200.40/js/ 5 KB
5 KB 52ms
11ms Script
application/javascript 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/js/session-context-store-helper.min.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726

Request headers

Referer: https://www.gazetadopovo.com.br.mcas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 26 May 2021 03:18:20 GMT
last-modified: Tue, 04 May 2021 17:11:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: npsIWjlCWsd9fFNnNdaKMw==
etag: 0x8D90F1F9E34F4BE
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f2ac76fd-101e-0001-4833-455529000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=3671
x-ms-version: 2009-09-19
content-length: 4994

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/0.200.40/html/ Frame FE3F 281 B
726 B 8ms
7ms Document
text/html 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method: GET
:authority: mcasproxy.azureedge.net
:scheme: https
:path: /proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br.mcas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br.mcas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Tue, 04 May 2021 17:07:19 GMT
etag: 0x8D90F1F135BA00D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4a4241b6-e01e-001f-7a33-458fc4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=5274
date: Wed, 26 May 2021 03:18:20 GMT

GET
H2 200 session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/0.200.40/js/ Frame FE3F 64 KB
65 KB 25ms
0ms Script
application/javascript 2a02:26f0:1700:d::1737:6ea4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6ea4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://mcasproxy.azureedge.net/proxyweb/0.200.40/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 26 May 2021 03:18:20 GMT
last-modified: Tue, 04 May 2021 17:11:11 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: dSafsVqER9739PXXMGX73g==
etag: 0x8D90F1F9DEDA57A
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f2ac7937-101e-0001-4333-455529000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2912
x-ms-version: 2009-09-19
content-length: 66024

GET
H2 200 Primary Request / Show response
www.gazetadopovo.com.br/ 1 MB
295 KB 45ms
11ms Document
text/html 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 376dd2e25dc106117e4f69af18014647cd995728a128de6d1f13387f7346a604

Request headers

:method: GET
:authority: www.gazetadopovo.com.br
:scheme: https
:path: /?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.gazetadopovo.com.br.mcas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br.mcas.ms/

Response headers

content-type: text/html
date: Wed, 26 May 2021 03:13:52 GMT
last-modified: Wed, 26 May 2021 02:01:51 GMT
cache-control: max-age=600
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
etag: W/"c947b43163edc1430e31a6228e4fc90f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: GQv2WOvpQ-nZgi1a0165KqnTSlg_jRcf4L7ijaBHHCnP0Us1ATQR1w==
age: 269

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 61ms
15ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:20 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 851
etag: W/"5404400d01d5519bc4a10316e7ed5c9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6553db09392e074a-FRA
cf-request-id: 0a484739c30000074a98bd7000000001
expires: Sat, 29 May 2021 03:18:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
966 B 26ms
23ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

018857cc7fd4802ddabf67e045bed52213cebead94468fb4ba8334f0957c7461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 May 2021 03:18:20 GMT
server: ESF
date: Wed, 26 May 2021 03:18:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 May 2021 03:18:20 GMT

GET
H2 200 e6Ya311101.css
cdn.privacytools.com.br/public_api/banner/style/ 8 KB
2 KB 76ms
30ms Stylesheet
text/css 2606:4700:20::681a:515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacytools.com.br/public_api/banner/style/e6Ya311101.css?t=1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6585
cf-polished: status=cannot_optimize
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a484739c3000097babc318000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0f6Nhcv72Irp%2BwxN%2FrYBc8jPGZSIfxdk9IWcBLfZn1j%2FKeN%2FwoF8jkeIi0VmUQZjqzDM2Agoji8A%2Fu1sE2K5Z%2BYG4PI9%2FfreE5%2FF6FSkzIAOUk8e5k1DPg6Gohnbqod7ytFXuSXSWzv%2BYlXy%2FSgFZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 6553db093f6597ba-FRA

GET
H2 200 app-944202c964a7c450206d.css
www.gazetadopovo.com.br/assets/ 682 KB
44 KB 12ms
10ms Stylesheet
text/css 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/app-944202c964a7c450206d.css
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a50736028cb0eafde674b1c1cbb65e6a6c3c8f8fe7eea6c7e856f790c265c3d

Request headers

:path: /assets/app-944202c964a7c450206d.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 19:24:35 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 18:40:02 GMT
server: AmazonS3
age: 28426
etag: W/"b1393fbe039b8e9ce39d70e897b472e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: text/css
x-amz-cf-id: HKgtz7c1cMHLcL4HEvgi9JknxF3CCe1TkAaAM02ooQ6pKvlp-YzRZw==

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 12ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:20 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1621999100.dop209.fr8.t,1621999100.cds208.fr8.hn,1621999100.cds002.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 ico-noticias.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 402 B
758 B 9ms
8ms Image
image/svg+xml 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-noticias.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2015d08cf877ee0e5feb420c465fc70cff1b10c244e3bf6b9ce00131d542c3c

Request headers

:path: /assets/images/menu/icons/ico-noticias.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 04:17:25 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:17 GMT
server: AmazonS3
age: 9241256
etag: "0047e5eff1c16451783c127e71d7c4dc"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 402
x-amz-cf-id: 1Khd4eXQoR_wsLBULTbraEE0R7FCLHwM-T_8hRGvZG1xMCmS1q_Dng==

GET
H2 200 ico-opiniao.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 742 B
1 KB 17ms
15ms Image
image/svg+xml 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-opiniao.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc33068463b75ac7fad0d842a236d8d2ed2a74cb708b7a4d59fb1d62a2bd7ace

Request headers

:path: /assets/images/menu/icons/ico-opiniao.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 07:04:10 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:17 GMT
server: AmazonS3
age: 9317650
etag: "81ceaad7f3bf5e4912e4a7e9fea1d1a8"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 742
x-amz-cf-id: LElw96CAh6lYKeUsf-mjN2OaE6Kna64tozIVpjS5vI1zk1vXMy6BeA==

GET
H2 200 ico-descubra.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 553 B
909 B 16ms
9ms Image
image/svg+xml 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-descubra.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74c0f92cf921b0e0c165e4aa0141c4f794d87c28b11977f5f6926f057e5c1d96

Request headers

:path: /assets/images/menu/icons/ico-descubra.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 04:17:25 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:16 GMT
server: AmazonS3
age: 9241256
etag: "f54a53358f4eb688ab2e8b30a5f16f6c"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 553
x-amz-cf-id: 4EPXkd72-0JOScJ122rMWrUTEvMIE0uhJtVtixI5AlbBOPcTviKVmg==

GET
H2 200 ico-minha-gazeta.svg
www.gazetadopovo.com.br/assets/images/menu/icons/ 381 B
737 B 20ms
13ms Image
image/svg+xml 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/menu/icons/ico-minha-gazeta.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e36e842af5f12bbadd9c73fbf17e12e2276023449e50fd704bcffd01cff53568

Request headers

:path: /assets/images/menu/icons/ico-minha-gazeta.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 02:49:07 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:17 GMT
server: AmazonS3
age: 9592153
etag: "e7caef4cd9fc8923d63157348bf8b219"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 381
x-amz-cf-id: 5F_zd1urrghX0_UXiaMXwsTxinHPj11G9idMOTrbMmJ8vn4EMj4EwQ==

GET
H2 200 gazeta-fallback.svg
www.gazetadopovo.com.br/assets/images/svg/ 123 B
470 B 17ms
11ms Image
image/svg+xml 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gazetadopovo.com.br/assets/images/svg/gazeta-fallback.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54db486cb5db345a75c3532967f3ccdbc1cc03260c6526ceac88fdf8b5d12ed7

Request headers

:path: /assets/images/svg/gazeta-fallback.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 16 May 2021 00:18:40 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 21:10:08 GMT
server: AmazonS3
age: 874781
etag: "852c057958949c7560916cdd5f0121ab"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
content-length: 123
x-amz-cf-id: RSguBg6dfBBS9CsXYnC0xh4F9LqtSbMZuTiJdyCXhChjtrbZghLpXA==

GET
H/1.1 200
OK cx.js Show response
scdn.cxense.com/ 114 KB
27 KB 47ms
8ms Script
application/x-javascript 2a02:26f0:6c00:298::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://scdn.cxense.com/cx.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:298::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 389033bda6df04020f9010686fdac3a0232caddadddf2ea2367954c0aeb5be35

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 03:18:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 May 2021 09:22:23 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27418
Expires: Wed, 26 May 2021 04:18:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6504
date: Wed, 26 May 2021 01:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 26 May 2021 03:29:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
62 KB 37ms
32ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

160d1479448b8748ec94940690dc2b5b2c6660e201d81c8da99a0b639068c425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63655
x-xss-protection: 0
last-modified: Wed, 26 May 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 May 2021 03:18:20 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 8 KB
3 KB 55ms
16ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0478f8a286d5e8074dd717ecfdea6fbff972a2a0a4103d7dc9dc4fe680a37c25

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:20 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 177
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 0a48473a540000d729379a0000000001
last-modified: Mon, 26 Apr 2021 21:14:53 GMT
server: cloudflare
etag: W/"60872d4d-1f5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6553db0a2f44d729-FRA
expires: Wed, 26 May 2021 04:15:23 GMT

GET
H2 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 18ms
11ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 05:41:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:51 GMT
server: sffe
age: 250586
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20196
x-xss-protection: 0
expires: Mon, 23 May 2022 05:41:54 GMT

GET
H2 200 qFdA35WCmI96Ajtm81keds7N4ho.woff2
fonts.gstatic.com/s/overpass/v5/ 20 KB
20 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdA35WCmI96Ajtm81keds7N4ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 06:11:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:41 GMT
server: sffe
age: 248837
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20252
x-xss-protection: 0
expires: Mon, 23 May 2022 06:11:03 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 16ms
16ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1433297151&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1704850860&gjid=978544661&cid=1311363325.1621999101&tid=UA-23088598-1&_gid=1692508585.1621999101&_r=1&_slc=1&z=886899223

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 alexandre-garcia.jpg
media.gazetadopovo.com.br/2019/05/23144603/ 10 KB
10 KB 50ms
9ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/05/23144603/alexandre-garcia.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b48cd5eb38e1f0cdb006c24936622127a941296716987a568c2c400b7c4305fe

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 01:36:27 GMT
content-encoding: gzip
last-modified: Thu, 23 May 2019 17:46:07 GMT
server: AmazonS3
age: 10114914
etag: "3e823898276211d06ab9709bdcc61589"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10107
x-amz-cf-id: ZLN0K-4qwPm4OR5Fxs_U6sroxdWKgFEiqR6y6pDUIQryMLj2IOeaJw==
expires: Fri, 22 May 2020 17:46:03 GMT

GET
H2 200 thamea-removebg-preview.jpg
media.gazetadopovo.com.br/2021/05/06153111/ 14 KB
14 KB 49ms
8ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/06153111/thamea-removebg-preview.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0abe9a4ff6d09f8bd1b06cdd4651b72a3963891356ec5915cfcf5105fa4229d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 21:10:24 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 06 May 2021 18:31:12 GMT
server: AmazonS3
age: 1318077
etag: "2d40c9485bc02d5eeda0a90ca9afd9ca"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 13881
x-amz-cf-id: BdHx26-uRmLLwYOXVJ7NK7G75KwYJvpGSA9TZ_9cH47AxnaVy2XMzA==
expires: Fri, 06 May 2022 18:31:11 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23088598-1&cid=1311363325.1621999101&jid=1704850860&gjid=978544661&_gid=1692508585.1621999101&_u=IEBAAEAAAAAAAC~&z=723058153

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 26 May 2021 03:18:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 844
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Wed, 26 May 2021 04:04:16 GMT

GET
H2 200 hotjar-457089.js Show response
static.hotjar.com/c/ 32 KB
6 KB 109ms
52ms Script
application/javascript 13.32.21.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-457089.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-4.fra56.r.cloudfront.net

Software

Resource Hash

367b9f6578bda11ef24583b8e1c073632010f3bb4c8d3677bda789db211f2a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-C2
etag: W/b4a106cb273e6648ee46861e65ec53f4
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: lYrAunlI_HP_TRQciK6jQJHNi01WVFaIKsrFza5n06U0ChBQWY8f0A==
via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 34ms
34ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSPVJF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

992bba83c91506222322122d55e57b2a0b966f9e2362ddd604703bac3de4172e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14016
x-xss-protection: 0
server: cafe
etag: 992563924920100560
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 26 May 2021 03:18:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 18ms
16ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24156
x-fb-rlafr: 0
pragma: public
x-fb-debug: hd+yD8WQ6PCjniFzsTlbPVjKUrrnLJOMu98TmKr+ytQ/5ekJb23nI5kF7BmC9+TeE42dfYdoRVRaU/Um4NI0wA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 26 May 2021 03:18:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 66ms
19ms Script
application/javascript 143.204.202.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-38.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:06:45 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 697
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: DSe_o9PTCM4G0dySKEgb_hCwDmfVDW_yBkLgaCuMs3CvEsTeVPh6Jg==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 03:18:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=46234
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 13 B
413 B 77ms
22ms Script
application/javascript 143.204.214.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/c9173442-33ea-4c3e-8b1b-7e02eb4fcab0-loader.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-181.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 06:16:54 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified: Thu, 05 Sep 2019 14:23:06 GMT
server: AmazonS3
age: 2494888
etag: "8e742d11d6b24c401e35f3b516726584"
x-cache: Hit from cloudfront
x-amz-version-id: HcQ7eDLpUO0rOnZ5z49wWPmZsoIBXyGt
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 13
x-amz-cf-id: xcKPx0gK8YYoPNESI5gHJSfdPyTbZ86rSLDtAWirsqZnJ2eDOSilJg==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 64ms
17ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:21 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 8796
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1621999101.061450,VS0,VE0
x-served-by: cache-hhn11539-HHN

GET
H2 200 logo-gazeta-fallback.svg
assets.gazetadopovo.com.br/images/svg/ 2 KB
1 KB 60ms
9ms Image
image/svg+xml 2600:9000:20eb:6a00:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/logo-gazeta-fallback.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-944202c964a7c450206d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6a00:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d2dc473ab0f5f864cbf1bbfdf2e971ac5a750e226e1fd44bde4e1288da8966d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 07:04:13 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2021 19:11:32 GMT
server: AmazonS3
age: 9317649
etag: W/"d792eee1076dd5de89b09831c82d0436"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: image/svg+xml
x-amz-cf-id: D94TwuPouxu2gtsTWkux-zSha1j8dTLb24TPf8UcnKWQ6gREU1gRNQ==

GET
H2 200 ico-related-items.svg
assets.gazetadopovo.com.br/images/svg/ 156 B
527 B 58ms
8ms Image
image/svg+xml 2600:9000:20eb:6a00:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-related-items.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-944202c964a7c450206d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6a00:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2dc4525c53a2721b9e0b858ec72e218e7fc1de72fbdae84653648daed62b89de

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 03:59:10 GMT
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:29 GMT
server: AmazonS3
age: 9242352
etag: "a1e034e511ddfddbd71c0ee10f8240f0"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 156
x-amz-cf-id: jOrQ1Ko1V1NnpRAxqlsp9h-K8WYMI7BqvgOpDLCUK7O41YlDa1WdWg==

GET
H3-29 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/ 18 KB
19 KB 20ms
12ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 01:26:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:44 GMT
server: sffe
age: 93140
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18924
x-xss-protection: 0
expires: Wed, 25 May 2022 01:26:01 GMT

GET
H3-29 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v22/ 19 KB
19 KB 22ms
12ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 02:03:05 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:53 GMT
server: sffe
age: 522916
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19300
x-xss-protection: 0
expires: Fri, 20 May 2022 02:03:05 GMT

GET
H2 200 Roger-Pereira.jpg
media.gazetadopovo.com.br/2020/10/15185728/ 8 KB
9 KB 10ms
7ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2020/10/15185728/Roger-Pereira.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35dcfaf3dd7c34640d28bd57038a4acf771e8e11a3d52a758a126d5e875c3e74

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 01:16:29 GMT
content-encoding: gzip
last-modified: Thu, 15 Oct 2020 21:57:30 GMT
server: AmazonS3
age: 10375313
etag: "a13a3daf0723007dee897f9f22bcb8f1"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 8333
x-amz-cf-id: VEYN2alaB45qaHmj8hsa9Cbn1MjxjV4BEmn0-TL64F9F7a0pK5tX1A==
expires: Fri, 15 Oct 2021 21:57:28 GMT

GET
H2 200 infog-remote.js Show response
multimidia.gazetadopovo.com.br/recursos/js/ 10 KB
10 KB 37ms
7ms Script
application/javascript 2600:9000:2057:4000:1b:3b3:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://multimidia.gazetadopovo.com.br/recursos/js/infog-remote.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4000:1b:3b3:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) PHP/5.5.21 /
Resource Hash: 9d4d616940d411a94537e925458bb37ec3538e07e9203579cd261a52d1659f6e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 09:00:37 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
last-modified: Fri, 09 Nov 2018 13:38:20 GMT
server: Apache/2.4.6 (CentOS) PHP/5.5.21
age: 66037
etag: "277a-57a3b76e9180e"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 10106
x-amz-cf-id: L_7Sabn2l_Vk_98nHkBGEwCDMOae-W8llB1ViEYv4SA1ham8pV-1zw==
expires: Tue, 25 May 2021 09:02:44 GMT

GET
H2 200 carlos3.jpg
media.gazetadopovo.com.br/2021/04/05215839/ 10 KB
11 KB 9ms
8ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/04/05215839/carlos3.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b9f14aad2e54ad79df17ebbdefefd5b255e048b1d9fa08132c496ef0e1d7128

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 18:02:23 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 06 Apr 2021 00:58:40 GMT
server: AmazonS3
age: 3748559
etag: "8a2226d8b0625081a0aafb0b3b3cf5fe"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10620
x-amz-cf-id: ZnyNy8ulgODhLfXhIFCGAkXZpnK5_iQwKShl1r18j_cuEDCxQO7n-w==
expires: Wed, 06 Apr 2022 00:58:39 GMT

GET
H/1.1 200
OK rep.gif
scomcluster.cxense.com/Repo/ 43 B
469 B 101ms
25ms Image
image/gif 178.63.12.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scomcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=kp4wdw40ut6i3jgj&sid=1138596144857280556&loc=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&new=1&arf=0&ltm=1621999100880&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tzo=-120&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=kp4wdwah6kc0llvh&ckp=kp4wdwb6nz4r57ha&glb=&wsz=1600x1200
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.63.12.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: de715.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 03:18:21 GMT
Server: Jetty(9.4.28.v20200408)
P3P: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
109 B 19ms
17ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1311363325.1621999101&jid=1704850860&_u=IEBAAEAAAAAAAC~&z=1432198280

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1311363325.1621999101&jid=1704850860&_u=IEBAAEAAAAAAAC~&z=1432198280

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 paulo-polzonoff.jpg
media.gazetadopovo.com.br/2019/12/02152010/ 8 KB
8 KB 10ms
7ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2019/12/02152010/paulo-polzonoff.jpg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8ce4a0a32c830a6051b2907482e3122be8ad51d495ed58b238c68502b5eb8cf

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 04:17:26 GMT
content-encoding: gzip
last-modified: Mon, 02 Dec 2019 18:20:12 GMT
server: AmazonS3
age: 9241256
etag: "e94bc2091dec13fcb35322d48e48f9b3"
x-cache: Hit from cloudfront
content-type: image/jpeg
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 7448
x-amz-cf-id: KpBDXDzHCKLj7rDCm9bsOYpwpD3yyuzKjA3dtuOrvbwX7o75dmWNgQ==
expires: Tue, 01 Dec 2020 18:20:10 GMT

GET
H2 200 owl.carousel.min.js Show response
www.gazetadopovo.com.br/assets/legacy/ 43 KB
12 KB 21ms
19ms Script
application/javascript 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/owl.carousel.min.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1756fb46aa1a7fe26e8c57328db54497ef70236895be1a7160718bb772abe23b

Request headers

:path: /assets/legacy/owl.carousel.min.js
pragma: no-cache
cookie: _ga=GA1.3.1311363325.1621999101; _gid=GA1.3.1692508585.1621999101; _gat=1; _gcl_au=1.1.687009784.1621999101; cX_S=kp4wdwah6kc0llvh; cX_P=kp4wdwb6nz4r57ha
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:35:11 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 17:21:37 GMT
server: AmazonS3
age: 8818991
etag: W/"5274afb2522b0f6f1b6a019949c3c104"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: hpHilSme9Cu6-EtTfy-jgfABRQOazSUftKumtGiC3GDCeOj-YZPu3w==

GET
H2 200 GazetaDoPovoSDK.js Show response
www.gazetadopovo.com.br/assets/legacy/ 145 KB
37 KB 14ms
11ms Script
application/javascript 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/GazetaDoPovoSDK.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b86ceab3181ad0abc55bddbb9804e90b6b2c2d7a663473a6d49132a50ce18a2

Request headers

:path: /assets/legacy/GazetaDoPovoSDK.js
pragma: no-cache
cookie: _ga=GA1.3.1311363325.1621999101; _gid=GA1.3.1692508585.1621999101; _gat=1; _gcl_au=1.1.687009784.1621999101; cX_S=kp4wdwah6kc0llvh; cX_P=kp4wdwb6nz4r57ha
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 22:02:17 GMT
content-encoding: gzip
last-modified: Thu, 16 May 2019 18:34:32 GMT
server: AmazonS3
age: 11769365
etag: W/"93db618a4f3bd0163e68ad039dcbd60c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: KwwXhaPVlrk8QSJymtFGIzQAFXWFUD68J9Cvv43nSkrbS2sr2HV1nQ==

GET
H2 200 social.js Show response
www.gazetadopovo.com.br/assets/legacy/ 264 KB
80 KB 14ms
12ms Script
application/javascript 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/social.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3bca498f4fa68a5d099135c6b44322e22aa62e509f59fc294d9e53d38475374

Request headers

:path: /assets/legacy/social.js
pragma: no-cache
cookie: _ga=GA1.3.1311363325.1621999101; _gid=GA1.3.1692508585.1621999101; _gat=1; _gcl_au=1.1.687009784.1621999101; cX_S=kp4wdwah6kc0llvh; cX_P=kp4wdwb6nz4r57ha
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 07:21:16 GMT
content-encoding: gzip
last-modified: Mon, 09 Dec 2019 16:43:33 GMT
server: AmazonS3
age: 5601426
etag: W/"d36619672c599923a4c9712bd040f9e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: 2LpBxBJKA2sFsbzKpwq8AtT9Pg5n_CY0kjlnUgVlUN1V7s98JuBfag==

GET
H2 200 vendor-9baf93355710264da6ef.js Show response
www.gazetadopovo.com.br/assets/ 295 KB
96 KB 23ms
21ms Script
application/javascript 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8081c769c2d9191a1ae2bea8b1409784c0a13d70b83bb2f41d41cc22ef2164e7

Request headers

:path: /assets/vendor-9baf93355710264da6ef.js
pragma: no-cache
cookie: _ga=GA1.3.1311363325.1621999101; _gid=GA1.3.1692508585.1621999101; _gat=1; _gcl_au=1.1.687009784.1621999101; cX_S=kp4wdwah6kc0llvh; cX_P=kp4wdwb6nz4r57ha
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 14:32:53 GMT
content-encoding: gzip
last-modified: Thu, 13 May 2021 14:30:45 GMT
server: AmazonS3
age: 1082728
etag: W/"3e425e478050fb49f8d5dbffdd68f55b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: 4QFcXg1Rzj0d5z7Kymn0Wa5Yj4mibtuHO_qWr7K0Yt4canNo9Z9icw==

GET
H2 200 gazetadopovo-app-9aba1755c3352379e6e8.js Show response
www.gazetadopovo.com.br/assets/ 366 KB
67 KB 20ms
18ms Script
application/javascript 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/gazetadopovo-app-9aba1755c3352379e6e8.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bfb7593f0870ca5be32bc614714755cc08b17529e8c2e8df55dc76fa79fbefc

Request headers

:path: /assets/gazetadopovo-app-9aba1755c3352379e6e8.js
pragma: no-cache
cookie: _ga=GA1.3.1311363325.1621999101; _gid=GA1.3.1692508585.1621999101; _gat=1; _gcl_au=1.1.687009784.1621999101; cX_S=kp4wdwah6kc0llvh; cX_P=kp4wdwb6nz4r57ha
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 18:43:02 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 18:40:10 GMT
server: AmazonS3
age: 30920
etag: W/"ad57816d1e868f2c7ac76e4df2bbe84a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: SpVEsfR2tRjzQm-QxCDDMlR62dLfTyEG7deJFhCyj6jgJAkAnlVTvQ==

GET
H2 200 google-3.2.2.js Show response
www.gazetadopovo.com.br/assets/legacy/swg/ 114 KB
38 KB 30ms
28ms Script
text/javascript 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3

Request headers

:path: /assets/legacy/swg/google-3.2.2.js
pragma: no-cache
cookie: _ga=GA1.3.1311363325.1621999101; _gid=GA1.3.1692508585.1621999101; _gat=1; _gcl_au=1.1.687009784.1621999101; cX_S=kp4wdwah6kc0llvh; cX_P=kp4wdwb6nz4r57ha
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gazetadopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 22:04:47 GMT
content-encoding: gzip
last-modified: Mon, 13 Apr 2020 20:50:04 GMT
server: AmazonS3
age: 11769214
etag: W/"9c302f91fb353b7f558cbda7922e6da1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
content-type: text/javascript; charset=UTF-8
x-amz-cf-id: BAzyBHdoC1kw6i8zGcwIm0_rAks3tLl5jfDfYGmm93QmBpogKsEm2Q==

GET
H/1.1 200
OK JSPianoSDK-0.4.4.js Show response
gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/ 323 KB
323 KB 486ms
136ms Script
application/json 52.217.32.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.32.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e4b3a58fd8e383e180de6ed3ed7fbccc7b6179f0b946e84cd34c7f6b4d448d8

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 03:18:22 GMT
Last-Modified: Fri, 05 Mar 2021 13:15:08 GMT
Server: AmazonS3
x-amz-request-id: Z74DSE8Q5RRM1T27
ETag: "cc0b84a81c8868bf472ad514d8695844"
Content-Type: application/json
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 330317
x-amz-id-2: t/z9+q3Rm7DWtZcJYCVgPKAdkXNAHSiwlnSVpbyCj7Rmgx+cr4zV5Zin5S00UfNah2BcPUoT2L4=

GET
H3-29 200 e6Ya311101.js Show response
cdn.privacytools.com.br/public_api/banner/script/ 110 KB
20 KB 37ms
21ms Script
text/plain 2606:4700:20::681a:515
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privacytools.com.br/public_api/banner/script/e6Ya311101.js?p=bottom&t=1
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:515 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06bbf295f6e07bd3697fe3f418129fa95371b5c28509260dcd7513ba0759ff02

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6779
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C6kh09nIDTIJuuHvOa1LxLYfcV1Q8Tsdv78UUaBt1m4BpRlhcdTyOXsGF455Gzx6cQmxzMlDgxhvw7d9nyD2DaUm%2FjmGMwn%2BMy5Iei5t3a56nCamz%2FKPDD3zen8QGgdRB%2FwWsia3sqAKbnFvi6MBFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cache-control: public, max-age=14400, s-maxage=86400, must-revalidate, proxy-revalidate
cf-ray: 6553db101a0c2c36-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a48473e1300002c3611168000000001

GET
H/1.1 200
OK 5294.json Show response
s3.amazonaws.com/gp-infoservices/infocoder/ 27 KB
27 KB 466ms
133ms Script
application/json 52.217.193.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/gp-infoservices/infocoder/5294.json?_=1621999100453
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.193.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd6d343c560c20611901e4c09e6f4da827fdb5957d2e4e2d3047c2e5804d4e6b

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 03:18:22 GMT
Last-Modified: Tue, 20 Oct 2020 21:22:55 GMT
Server: AmazonS3
x-amz-request-id: Z744EC1RD1CYNBJ3
ETag: "16fd83f68ab6025e68cf1c8761f5a7c1"
Content-Type: application/json
Accept-Ranges: bytes
Content-Length: 27623
x-amz-id-2: dmiiSOee4LsJL22rRm0lJhTpexaXaIKQlFf7KU4QkwuRx/HrHWXt3caEfaSV8WtWmyqucDMYFBo=

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGDAAEALQAAAAC~&jid=1275928456&gjid=802767111&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1692508585.1621999101&_r=1&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&z=1303718567

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 88 KB
34 KB 32ms
20ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-K98STKR&t=gtm4&cid=1311363325.1621999101

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e11352fb308b7f24ff6508761675841a5230951c55fd53a28cd06fccdea1d1d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35212
x-xss-protection: 0
last-modified: Wed, 26 May 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 May 2021 03:18:21 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621999101637&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D672554%26time%3D1621999101637%26url%3Dhttps%253A%252F%252Fwww.gazetadopovo.com.br...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621999101637&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621999101637&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQLhEqqhisoUCAAAAXmmriu7KKXf6fB5Jspw3ArWrFZeg8dHvgafCjP...

0
155 B

437ms
188ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621999101637&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQLhEqqhisoUCAAAAXmmriu7KKXf6fB5Jspw3ArWrFZeg8dHvgafCjPSrTqu2u8qKtFv_x4X
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:23 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: V8Q0Opd/ghaQzd4BEysAAA==

Redirect headers

date: Wed, 26 May 2021 03:18:22 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=672554&time=1621999101637&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&liSync=true&e_ipv6=AQLhEqqhisoUCAAAAXmmriu7KKXf6fB5Jspw3ArWrFZeg8dHvgafCjPSrTqu2u8qKtFv_x4X
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: xrusIZd/ghagM+96iysAAA==

GET
H3-29 200 343122172743779 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 19ms
17ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/343122172743779?v=2.9.40&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

37d25577e88f765d4381881685f8439ff40b2dc900012402af750d4c44d1d2d2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74233
x-fb-rlafr: 0
pragma: public
x-fb-debug: Sx07iMsntZwxlq0lDfiU4iEQbdlcsLcE0mXo8lcPjpZ8A0PM3RMi/unm3EVqpP+kI13E9l7RtdI/rhwsV2Cfrg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 26 May 2021 03:18:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/ 2 KB
1 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/961891575/?random=1621999101695&cv=9&fst=1621999101695&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31c179e01f2e3c61edf9a268b59fc98d6f01271c1755dad3b3819c3ab374e75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/ 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854244571/?random=1621999101714&cv=9&fst=1621999101714&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce0de76b55d0fe412f363d6d56725c46de31db84b8c65f4cdc56243b9339e315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621999101752&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=http...
https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621999101752&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=htt...

64 B
329 B

22ms
18ms

Image
image/gif

143.204.202.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621999101752&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-38.fra53.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:21 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: pZkx0DSyk97TCv_b1n2ab1MNeuu6l4dnycleWDhIB9huzc2THuYRRQ==

Redirect headers

date: Wed, 26 May 2021 03:18:21 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=13765200&cs_ucfr=1&ns__t=1621999101752&ns_c=UTF-8&cv=3.5&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F
content-length: 311
x-amz-cf-id: jU9CvSPr538EljteiMAgR0SK2vVLZj_oS5XEmbCkkawFHHg7qyZGPg==

GET
H2 200 modules.5a9f57d95ecbb1bf1965.js Show response
script.hotjar.com/ 219 KB
58 KB 107ms
28ms Script
application/javascript 13.32.21.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5a9f57d95ecbb1bf1965.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-457089.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-99.fra56.r.cloudfront.net

Software

Resource Hash

2aaca02e26a6a0624f18176555865824e1adda828dd4e279b041f5d86fcbd897

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 14:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 133396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 58986
access-control-allow-origin: *
last-modified: Mon, 24 May 2021 14:15:04 GMT
etag: "5ceb8315474bd4c418f908d57285720a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Ia7U6cPZJBAz2EfH-FK5rqAtjC9oSNCzDprWWJy3ldt2qNeiaUrAhA==

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 67ms
25ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23088598-1&cid=1311363325.1621999101&jid=1275928456&gjid=802767111&_gid=1692508585.1621999101&_u=aGDAAEALQAAAAC~&z=266666968

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 26 May 2021 03:18:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
454 B 179ms
136ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 26 May 2021 03:18:21 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8ab51cf9508bb0ae0f65b538cb450ff818581b2615ae0ea10fde4241253327c6
x-transaction: b1b7fbd87357a2a7
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 148 KB
44 KB 142ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/legacy/swg/google-3.2.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ec6c5b115f5737ef8a927489c8f3f06049c7752fd7ab8b37746ca4a5ce8e39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 16:58:08 GMT
server: sffe
age: 1026
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44971
x-xss-protection: 0
expires: Wed, 26 May 2021 03:51:16 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
1 KB 143ms
17ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0b5329aa0c88c218e906ad2600cbea4cf7bfffaef17a9274a634046e897dc3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:22 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 82
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a4847414600004aa39c8cf000000001
x-request-id: Ccg2ptqBd89
wn: prod-exp-10-0-139-76
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 6553db153c1a4aa3-FRA
expires: Wed, 26 May 2021 03:48:22 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 20ms
20ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1311363325.1621999101&jid=1275928456&_u=aGDAAEALQAAAAC~&z=532868736

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 20ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1311363325.1621999101&jid=1275928456&_u=aGDAAEALQAAAAC~&z=532868736

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/961891575/ 42 B
64 B 26ms
25ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/961891575/?random=1621999101695&cv=9&fst=1621998000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=831319971&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/961891575/ 42 B
64 B 26ms
25ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/961891575/?random=1621999101695&cv=9&fst=1621998000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=831319971&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/854244571/ 42 B
64 B 24ms
23ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854244571/?random=1621999101714&cv=9&fst=1621998000000&num=1&guid=ON&eid=376635470%2C2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=2175916389&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/854244571/ 42 B
64 B 26ms
25ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/854244571/?random=1621999101714&cv=9&fst=1621998000000&num=1&guid=ON&eid=376635470%2C2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&frm=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&tiba=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=2175916389&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 18ms
15ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343122172743779&ev=PageView&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&if=false&ts=1621999102331&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.2.1621999102308.1018929474&it=1621999101674&coo=false&exp=l0&rqm=GET

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 26 May 2021 03:18:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 18ms
15ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=343122172743779&ev=ViewContent&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&if=false&ts=1621999102335&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&fbp=fb.2.1621999102308.1018929474&it=1621999101674&coo=false&exp=l0&rqm=GET

Requested by

Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 26 May 2021 03:18:22 GMT

OPTIONS
H2 200 flow1
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ Frame 0
0 160ms
114ms Preflight
application/json 65.9.69.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Protocol: H2
Server: 65.9.69.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 26 May 2021 03:18:22 GMT
x-amzn-requestid: 65ab0b86-dddb-49af-be40-ec474a2fd85d
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: f6qfyFn9oAMFhCQ=
access-control-allow-methods: OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 61dSyRH8EFvJJPYs5BmAhErb3epWfaQ6W9Pz5M3C7R36luwNGv4LJA==

POST
H2 200 flow1 Show response
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/ 504 B
880 B 121ms
121ms XHR
application/json 65.9.69.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://3wf9o7mmzc.execute-api.us-east-1.amazonaws.com/prd/flow1
Requested by: Host: gdp-prd-data.s3.us-east-1.amazonaws.com
URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ce129b6f1649df805159a3e103cca5c514b5ad91e56044bc540e9bf47069c3e2

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:22 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 59402f13-5b06-45c9-9b79-1ae3bd7f9a72
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-60adbdfe-3cbe2e8f231981c275c93487;Sampled=1
x-amz-apigw-id: f6qf0EJToAMFg6w=
content-length: 504
x-amz-cf-id: HcayWgyCOOdZe4YdjSgqRVogEkCU0jvaBO917Ucs3JuPzsBHENJDIQ==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
658 B 191ms
139ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o1ecj&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 26 May 2021 03:18:22 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 5e22e6791b7203273e186b775ac8527604d4eaf7b25c2f013932c3d21dc14b8c
x-transaction: 881431da33ba69f2
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
118 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1433297151&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Placar%20Covid%20no%20Paran%C3%A1%20-%20Componente%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGjAAEALQAAAAC~&jid=87303138&gjid=1466462557&cid=1311363325.1621999101&tid=UA-70198534-1&_gid=2108938275.1621999102&_r=1&_slc=1&cd1=infocoder&cd2=5294&z=7190592

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ico-arrow-left.svg
assets.gazetadopovo.com.br/images/svg/ 127 B
498 B 8ms
8ms Image
image/svg+xml 2600:9000:20eb:6a00:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-arrow-left.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-944202c964a7c450206d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6a00:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6e0fd2a5540d8a26bbc2f2868a5ddfc300137e6bf05a581b7bf918f9e8a6ba1

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 09:07:46 GMT
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:27 GMT
server: AmazonS3
age: 9569437
etag: "6ae51f29a6cffccc223655e32d23de10"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 127
x-amz-cf-id: ow9xbh7aJxBgHwli2P_j9RMMWCPxMMim1K260jG721cIARNy7x2EbQ==

GET
H2 200 ico-arrow-right.svg
assets.gazetadopovo.com.br/images/svg/ 123 B
495 B 8ms
3ms Image
image/svg+xml 2600:9000:20eb:6a00:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/svg/ico-arrow-right.svg
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-944202c964a7c450206d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6a00:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5b2a278c1ab02a90127fd8191dd79159eefcc5bcda3b45b4945faf2776e979f

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 11:47:20 GMT
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
last-modified: Tue, 30 Mar 2021 21:25:52 GMT
server: AmazonS3
age: 4807863
etag: "360b8c417ef8fc3088f833de9723ae18"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/svg+xml
content-length: 123
x-amz-cf-id: z2OYmT0aahams5ZD_IsRRwntXsq583cMx6EhA3eUymbY3FoxyIP3iQ==

GET
H2 200 box-21ccaa45726c0f3c8c458f7a87eb2298.html Show response
vars.hotjar.com/ Frame 0736 2 KB
1 KB 69ms
17ms Document
text/html 143.204.202.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-457089.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-71.fra53.r.cloudfront.net
Software: /
Resource Hash: c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-21ccaa45726c0f3c8c458f7a87eb2298.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 20 May 2021 13:17:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "6a4e2ae376c29011d2e53de65a08d0b7"
last-modified: Thu, 20 May 2021 13:16:24 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: DRFK8i42OF4-jjeR_jZZDKWEWt1n95mYUxd-ti6G7jOc5ARC3SYEcw==
age: 482478

GET
H2 200 / Show response
infograficos.gazetadopovo.com.br/json-google-spreadsheet/ 764 B
1002 B 819ms
419ms Script
application/json 2600:9000:214f:7400:16:bc5f:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://infograficos.gazetadopovo.com.br/json-google-spreadsheet/?callback=jQuery331039031931428054567_1621999100454&id=1Pn1D6-1SwjcjvVnigSTDUrgGfI3-xub00yvRMkRPIpI&sheet=3&_=1621999100455
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7400:16:bc5f:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a25dc05cd9fee8fbe397554eb7d22573b0a2930e6b883d2ae5931702e762aa4f

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:23 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
content-length: 764
x-amz-cf-id: ROil3oRxoalKD89O_SKHHwp3EbbutotF4NaGF8ptXKzuwmpo5HqYWA==

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 409 KB
128 KB 31ms
29ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=izBe3CQ7pu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf7999ade59d216aa88a40cb343810e7a85f0ccd7a1042e71a82053b59ee52cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 41
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a4847435d00004aa3ae2ea000000001
wn: prod-dash-10-0-130-176
last-modified: Mon, 24 May 2021 13:18:26 GMT
server: cloudflare
etag: W/"418839-1621862306000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=300
cf-ray: 6553db1898064aa3-FRA
expires: Wed, 26 May 2021 03:23:22 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 963
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
expires: Wed, 26 May 2021 03:52:19 GMT

GET
H3-29 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 2490 25 KB
8 KB 97ms
85ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=450555

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eba6e0ef3aa77db65a6692230e363f25971c07192d1cc3bdb95d4fcee1947a8c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zq+vaQV2bKMAIeb+0WnPaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-zq+vaQV2bKMAIeb+0WnPaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=450555
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 26 May 2021 03:18:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
content-security-policy: script-src 'report-sample' 'nonce-zq+vaQV2bKMAIeb+0WnPaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-zq+vaQV2bKMAIeb+0WnPaw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=216=W2JLU86iQ9IJlJP6ECjZk901nCiKeMW44D7pm4NUTqmnfLZTzuSu6O0B_rcrQRnQfZKwMjDvMHIX_q0he0BjjYeBjPcQ1akKg0tyZXj0y946ty0yqLHNDa0uIu6wuo7QZfB9NwrRsnH9Dxuezh-pcPMxzhWLQrCMaTzjdneHRR8; expires=Thu, 25-Nov-2021 03:18:23 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 9ms
8ms Other
image/svg+xml 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
age: 961
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Wed, 26 May 2021 03:52:22 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 22ms
19ms Ping
text/plain 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQO38EjKGZcHICb5X

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 26 May 2021 03:18:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/ 2 B
783 B 374ms
72ms Fetch
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/gazetadopovo.com.br/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="SubscribewithgoogleClientHttp"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 / Show response
www.gazetadopovo.com.br/ 0
352 B 397ms
395ms XHR
text/html 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/?&_=1621999101986
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.3.1311363325.1621999101; _gid=GA1.3.2108938275.1621999102; _hjTLDTest=1; _hjid=58df5f05-7160-4557-8615-e602c8420230; _hjFirstSeen=1; _gat_trackerInfocoder=1; _fbp=fb.2.1621999102891.997696657
:path: /?&_=1621999101986
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: HEAD
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:24 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 02:01:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"c947b43163edc1430e31a6228e4fc90f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: null
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: max-age=600
content-type: text/html
x-amz-cf-id: LEj6AOrnSBXvIwwl4WChgpAdzfMVjv99bhwkbpku4d4BgiQgrgfA5g==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-70198534-1&cid=1311363325.1621999101&jid=87303138&gjid=1466462557&_gid=2108938275.1621999102&_u=aGjAAEALQAAAAC~&z=1830020478

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 26 May 2021 03:18:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 6 KB
3 KB 234ms
234ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e7b3c7c788008407fb5cff39e3bce8ccfce65e47aa31c27eb8e8826f090e88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:23 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a484745f300004aa3c0251000000001
x-request-id: Cni2ptqXGjh
pragma: no-cache
wn: prod-exp-10-0-84-143
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6553db1cbc914aa3-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
305 B 32ms
27ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a4ad0f823bd853e0fc15c2c7985d3405e62b6a5ce37a36c54cde2f91aef94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 131
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a4847460300004aa3c1b48000000001
x-request-id: C0f2ptq2IoI
pragma
wn: prod-dash-10-0-139-28
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.002
cache-control: public, max-age=1200
cf-ray: 6553db1cdca84aa3-FRA
expires: Wed, 26 May 2021 03:38:23 GMT

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ Frame 2490 21 KB
6 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450555

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:02:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 964
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
expires: Wed, 26 May 2021 03:52:19 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.8CMlYlrQVW8.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7po... Frame 2490 148 KB
52 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.8CMlYlrQVW8.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7po2BQqEAK0acGYycOeC8oWAs9Rw/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450555

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39f0f04f9b7a439d5f0f6aa4756eb1bd97911442321eec16e902fb435229c763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 18:48:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 22 May 2021 15:50:20 GMT
server: sffe
age: 116968
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53053
x-xss-protection: 0
expires: Tue, 24 May 2022 18:48:55 GMT

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 550 B
795 B 257ms
239ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d38f40f22b54edbf7c0e0b6904e0fc7b7e48ef6cf6a0fa42b11335e0045c09a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a4847473c00004a9809940000000001
x-request-id: Cni2ptq0U4O
pragma: no-cache
wn: prod-dash-10-0-81-117
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.003
cf-ray: 6553db1ecaed4a98-FRA
expires: 0

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame 2490 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450555

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://news.google.com
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
age: 522921
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Fri, 20 May 2022 02:03:02 GMT

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame A04C 7 KB
2 KB 17ms
17ms Document
text/html 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVJXKC2CJJ8Z&offerId=fakeOfferId&experienceId=EXFI1CFBA225&iframeId=offer_07f38ae3b57d5fe8ecea-0&displayMode=modal&widget=template

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8df8206cdae7eee99465aa071c14d0e1775629fb38107433d8aea6e06bcb3bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVJXKC2CJJ8Z&offerId=fakeOfferId&experienceId=EXFI1CFBA225&iframeId=offer_07f38ae3b57d5fe8ecea-0&displayMode=modal&widget=template
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Wed, 26 May 2021 03:18:23 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=1800
expires: Wed, 26 May 2021 03:48:23 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.001
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-120-248
x-forwarded-https: on
x-request-id: C492ptqGuYq
x-xss-protection: 0
cf-cache-status: HIT
age: 343
cf-request-id: 0a4847475200004aa3ae319000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6553db1eeefa4aa3-FRA
content-encoding: br

GET
H3-29 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.8CMlYlrQVW8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XOeTi-gXsPE.L... Frame 2490 36 KB
13 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.8CMlYlrQVW8.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI7po2BQqEAK0acGYycOeC8oWAs9Rw/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3646cc3dda1d8691ca19d11710cbcc403a636290e5fdb705b4e377bfcc1ef7fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 18:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 21:56:58 GMT
server: sffe
age: 116690
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13425
x-xss-protection: 0
expires: Tue, 24 May 2022 18:53:33 GMT

GET
H3-29 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.8CMlYlrQVW8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XOeTi-gXsPE.L... Frame 2490 96 KB
32 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.8CMlYlrQVW8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XOeTi-gXsPE.L.B1.O/am=AkA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71fPSp8WE3MjN8aYw9WsW5GhTKIw/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bc3071744d4f400c2be998637df4f4970a3347a703b98b4ee090f6396a80b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 18:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 21:56:58 GMT
server: sffe
age: 116690
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33189
x-xss-protection: 0
expires: Tue, 24 May 2022 18:53:33 GMT

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame A04C 33 KB
5 KB 22ms
21ms Stylesheet
text/css 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVJXKC2CJJ8Z&offerId=fakeOfferId&experienceId=EXFI1CFBA225&iframeId=offer_07f38ae3b57d5fe8ecea-0&displayMode=modal&widget=template

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVJXKC2CJJ8Z&offerId=fakeOfferId&experienceId=EXFI1CFBA225&iframeId=offer_07f38ae3b57d5fe8ecea-0&displayMode=modal&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:23 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 4788
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a484747af00004aa3640c5000000001
wn: prod-dash-10-0-86-194
last-modified: Mon, 24 May 2021 12:49:22 GMT
server: cloudflare
etag: W/"33843-1621860562000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 6553db1f7f9c4aa3-FRA
expires: Wed, 26 May 2021 05:18:23 GMT

GET
H2 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame A04C 509 KB
144 KB 38ms
37ms Script
text/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.198.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c05aa731c38619958a190528140a60310cc12f406c4798ed47ed6b583bfecac

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVJXKC2CJJ8Z&offerId=fakeOfferId&experienceId=EXFI1CFBA225&iframeId=offer_07f38ae3b57d5fe8ecea-0&displayMode=modal&widget=template
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1173
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a484747af00004aa3c93ee000000001
wn: prod-dash-10-0-130-41
last-modified: Mon, 24 May 2021 12:49:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/javascript
server-time: 0.002
cache-control: public, max-age=603627
x-optimized-by: _sam
cf-ray: 6553db1f7f9d4aa3-FRA
expires: Wed, 02 Jun 2021 02:58:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A04C 6 KB
663 B 20ms
20ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Overpass:300,300i,400,400i,600,600i,700,700i&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

796b7c426168c17fd0cda987277798ded81c6503a920f1fa4a90b946356ccb6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 May 2021 03:18:23 GMT
server: ESF
date: Wed, 26 May 2021 03:18:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 May 2021 03:18:23 GMT

GET
H2 200 2105_onpage_ofertas-maio_410x460px.jpg
media.gazetadopovo.com.br/2021/05/25141615/ Frame A04C 47 KB
47 KB 17ms
10ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25141615/2105_onpage_ofertas-maio_410x460px.jpg
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVJXKC2CJJ8Z&offerId=fakeOfferId&experienceId=EXFI1CFBA225&iframeId=offer_07f38ae3b57d5fe8ecea-0&displayMode=modal&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4191e4f2ea7f4a9f8381c77d886fea37cb16f95a676b1baeedb62ee4ac8d1bbe

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 17:33:37 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 17:16:16 GMT
server: AmazonS3
age: 35087
etag: "ec52feffbd2d393ce244cd0a83d98ef0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 48193
x-amz-cf-id: 8o8xvYNfugCwkGQOKqHkIwIv7X_g0P_-eykOSNaI_pM_oOZexx6_dQ==
expires: Wed, 25 May 2022 17:16:15 GMT

POST
H3-29 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 2490 257 B
225 B 67ms
67ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-3443442214967994959&bl=boq_subscribewithgoogleclientserver_20210523.15_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=19104&rt=c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b775ef845d29960dc9db01ba33356d700864ee38b9b15988c1f0e8fbbdaf0749

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.8CMlYlrQVW8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XOeTi-gXsPE.L... Frame 2490 46 KB
17 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.8CMlYlrQVW8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XOeTi-gXsPE.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71fPSp8WE3MjN8aYw9WsW5GhTKIw/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7a0a9e194863e5bfee21f7a50e3c4a3224cb2aa5af9e6a95fe342d5699b67cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 18:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 21:56:58 GMT
server: sffe
age: 116691
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17666
x-xss-protection: 0
expires: Tue, 24 May 2022 18:53:33 GMT

GET
H3-29 200 m=lwddkf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.8CMlYlrQVW8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XOeTi-gXsPE.L... Frame 2490 236 B
183 B 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.8CMlYlrQVW8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XOeTi-gXsPE.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71fPSp8WE3MjN8aYw9WsW5GhTKIw/m=lwddkf

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 18:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 21:56:58 GMT
server: sffe
age: 116691
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Tue, 24 May 2022 18:53:33 GMT

GET
H3-29 200 m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.8CMlYlrQVW8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XOeTi-gXsPE.L... Frame 2490 796 B
469 B 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.8CMlYlrQVW8.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XOeTi-gXsPE.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,lwddkf,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71fPSp8WE3MjN8aYw9WsW5GhTKIw/m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e65cdb120ecd176ef87ddbbc328a7aef97a63dab7f4192d4b2d10af60552b33b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 18:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 21:56:58 GMT
server: sffe
age: 116691
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 0
expires: Tue, 24 May 2022 18:53:33 GMT

GET
H2 200 2105_onpage_ofertas-maio_320x168px.gif
media.gazetadopovo.com.br/2021/05/25141618/ Frame A04C 95 KB
95 KB 8ms
7ms Image
image/gif 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25141618/2105_onpage_ofertas-maio_320x168px.gif
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVJXKC2CJJ8Z&offerId=fakeOfferId&experienceId=EXFI1CFBA225&iframeId=offer_07f38ae3b57d5fe8ecea-0&displayMode=modal&widget=template
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17aed327396aa2752f1d381fca20942988d76e7158b48b784b711933bf7ee437

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 17:33:04 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 17:16:19 GMT
server: AmazonS3
age: 35121
etag: "35ba51a5358e26991374c824d97b9416"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 96954
x-amz-cf-id: -NFMtaP-Lf0SC4tRLtAjVvc2HvGJviskbKBxSri8wuQAR1XJ8Rvd6A==
expires: Wed, 25 May 2022 17:16:18 GMT

POST
H2 200 log Show response
play.google.com/ Frame 2490 131 B
313 B 42ms
42ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:24 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 26 May 2021 03:18:24 GMT

POST
H3-29 200 log Show response
play.google.com/ Frame 2490 131 B
154 B 42ms
41ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:24 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 26 May 2021 03:18:24 GMT

OPTIONS
H3-29 200 log
play.google.com/ Frame 0
0 54ms
38ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

H3-29

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 26 May 2021 03:18:24 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 May 2021 03:18:24 GMT
cache-control: private

OPTIONS
H3-29 200 log
play.google.com/ Frame 0
0 53ms
38ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

H3-29

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 26 May 2021 03:18:24 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 May 2021 03:18:24 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 2490 131 B
154 B 48ms
47ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:24 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 26 May 2021 03:18:24 GMT

OPTIONS
H3-29 200 log
play.google.com/ Frame 0
0 208ms
195ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

H3-29

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 26 May 2021 03:18:24 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 May 2021 03:18:24 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 2490 131 B
154 B 59ms
59ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:24 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 26 May 2021 03:18:24 GMT

POST
H2 200 trackShow Show response
buy.tinypass.com/checkout/template/ Frame A04C 53 B
302 B 235ms
235ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/trackShow

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.198.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3f662e23645b1b81aaf6eb5901cc9162dc0316b2b48a735c2761493e8ecf1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=izBe3CQ7pu&templateId=OTM7QNGP18MG&templateVariantId=OTVJXKC2CJJ8Z&offerId=fakeOfferId&experienceId=EXFI1CFBA225&iframeId=offer_07f38ae3b57d5fe8ecea-0&displayMode=modal&widget=template
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a484749b600004aa3e80e9000000001
x-request-id: Coi2ptqWFQP
pragma: no-cache
wn: prod-dash-10-0-139-28
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: *
content-type: application/json;charset=utf-8
access-control-allow-origin: https://dashboard.piano.io
x-xss-protection: 0
cache-control: no-cache, no-store, must-revalidate
server-time: 0.001
cf-ray: 6553db22bb544aa3-FRA
expires: Thu, 01 Jan 1970 12:00:00 NZST

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 157ms
114ms Preflight
application/json 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 26 May 2021 03:18:24 GMT
x-amzn-requestid: 711029be-2562-4370-8ebd-7593450768ab
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: f6qgGFZGIAMFnvw=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: V7XfIvQbhm39AW4izuH05T9dNyJByagJPdked-6nG477R-GUeg1OQg==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 573ms
549ms XHR
application/json 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: / Express
Resource Hash: e10ef464497dc7fa51496695a915739386ea0056641ed3d1e0d9f6d839c83cba

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 May 2021 03:18:25 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
etag: W/"4b5-9yApmi9VtvkG+0Kv7Tscd5J5RYk"
x-amzn-remapped-content-length: 1205
x-amzn-remapped-date: Wed, 26 May 2021 03:18:25 GMT
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: f6qgKGY1oAMFgZA=
content-length: 1205
x-amzn-requestid: ea1cfc43-17c7-479d-9429-3039b0ad948b
x-amzn-trace-id: Root=1-60adbe00-4724c350047d7bcf0ce167cb;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: AOqc9LlP38nQ0IsgBVwKTEhkJDai4UMGfpg6pRNzIdV9IYt8y3AA-g==
x-amzn-remapped-connection: close

GET
H3-29 200 qFdA35WCmI96Ajtm81keds7N4ho.woff2
fonts.gstatic.com/s/overpass/v5/ Frame A04C 20 KB
20 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdA35WCmI96Ajtm81keds7N4ho.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 06:11:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:09:41 GMT
server: sffe
age: 248841
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20252
x-xss-protection: 0
expires: Mon, 23 May 2022 06:11:03 GMT

GET
H3-29 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v5/ Frame A04C 20 KB
20 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v5/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://buy.tinypass.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 05:41:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:51 GMT
server: sffe
age: 250590
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20196
x-xss-protection: 0
expires: Mon, 23 May 2022 05:41:54 GMT

GET
H2 200 2105_onpage_ofertas-maio_410x460px.jpg
media.gazetadopovo.com.br/2021/05/25141615/ Frame A04C 47 KB
47 KB 13ms
13ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25141615/2105_onpage_ofertas-maio_410x460px.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4191e4f2ea7f4a9f8381c77d886fea37cb16f95a676b1baeedb62ee4ac8d1bbe

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 17:33:37 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 17:16:16 GMT
server: AmazonS3
age: 35088
etag: "ec52feffbd2d393ce244cd0a83d98ef0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 48193
x-amz-cf-id: Yox6zU1mtf9jNPV2QZZrLi3AKMl0-mTgy_OzXD3J11e5a1CSmQ5ceQ==
expires: Wed, 25 May 2022 17:16:15 GMT

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 175dd52b60c7b3f2e0b0cc6355849661122fcb193214d31c362381a2b581e777

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 /
comments.gazetadopovo.com.br/content/count/comments/ Frame 0
0 172ms
120ms Preflight
application/json 2600:9000:20eb:de00:4:5c96:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://comments.gazetadopovo.com.br/content/count/comments/?keys=[%2231c8a960-bdb0-11eb-af7a-d7af4fcd18b1%22,%22f2414770-bda5-11eb-b111-53bb9305488d%22,%22ada7c710-bd96-11eb-aede-1bdb6e664582%22,%22493dbcb0-bd9d-11eb-aa35-f79423ec32ff%22,%2260975060-bd98-11eb-aede-1bdb6e664582%22,%22e190d7d0-bdad-11eb-a572-814ef8bc1c0e%22,%228d691520-bdb0-11eb-af7a-d7af4fcd18b1%22,%22f5ad5930-bdb9-11eb-b3c3-db9afbf14367%22,%2296114b10-bd93-11eb-aede-1bdb6e664582%22,%222c85b4c0-bd9c-11eb-aa35-f79423ec32ff%22,%22b506e920-bda3-11eb-abdb-ed9be672da19%22,%22832207a0-bd9e-11eb-b111-53bb9305488d%22,%22d912b9c0-bdb7-11eb-b3c3-db9afbf14367%22,%22563aa920-bdb4-11eb-b3c3-db9afbf14367%22,%2262c4c570-bd9d-11eb-aa35-f79423ec32ff%22,%22fe78cd90-bda7-11eb-9610-5f2e4568e910%22,%22d4a0c200-bda9-11eb-9610-5f2e4568e910%22,%22b07985e0-bdb0-11eb-a572-814ef8bc1c0e%22,%227027bc20-bdb3-11eb-b3c3-db9afbf14367%22,%22fb2e87c0-bdab-11eb-a572-814ef8bc1c0e%22,%228d58a1c0-bdad-11eb-8f2a-e3aa835631fa%22,%226d383af0-bd7f-11eb-83f2-03ff0a62dc44%22,%2299fa8570-bd8e-11eb-bbd9-d1be10fc55dd%22,%221683cb60-bdad-11eb-a572-814ef8bc1c0e%22,%2220654b00-bd98-11eb-aede-1bdb6e664582%22,%2247a76640-bd92-11eb-aede-1bdb6e664582%22,%222692e760-bda4-11eb-abdb-ed9be672da19%22,%22e3d2b370-0bc9-11ea-a40b-d194e2f2a6d0%22,%22bd5a4b90-bcc6-11eb-adb8-f5b0de1dec40%22,%229b1514b0-bcb3-11eb-8fab-89b62222d416%22,%22ce67b720-bda1-11eb-abdb-ed9be672da19%22,%22a28a8000-bd93-11eb-aede-1bdb6e664582%22,%22badc1c70-bcd7-11eb-b3a8-1977b37ccede%22,%2288997780-b714-11eb-a37a-bb4e046caf15%22,%228d27e910-bd92-11eb-9b7f-f7d3040791d7%22,%2275472510-bcc8-11eb-9fb2-db00e91fac0c%22,%229ba6f080-bc1b-11eb-8e24-a11882f0babb%22,%220e7132e0-baa2-11eb-b949-0564bf22cd17%22,%22cfaa3000-ba71-11eb-a5e1-3fda3f8b335a%22,%22da0cd640-bcbc-11eb-b38c-5bdc877f1bba%22,%2295934140-bafd-11eb-b921-9f48b67961da%22,%2264ba14c0-ba87-11eb-b51f-29abcc5187fd%22,%229b23bcb0-ba2c-11eb-bfaf-af6a387658e9%22]
Protocol: H2
Server: 2600:9000:20eb:de00:4:5c96:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 26 May 2021 03:18:25 GMT
x-amzn-requestid: a0aa8edc-c481-4118-a4d8-0da1fadb337b
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token
x-amz-apigw-id: f6qgSF5KIAMFYTQ=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront), 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2 FRA2-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ZYLXH2o_XM5KqxwofHT1I_LsArSmVrRWpe8L29bKKJHb06l15PdIfA==

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 314ms
314ms Preflight
application/json 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 26 May 2021 03:18:25 GMT
x-amzn-requestid: 092e0960-ccf8-4c88-bbd4-fe9e0d5f6aa2
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: f6qgUHcUoAMFTNg=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 1WBgO8lE1cO8Xb-1db6Y97P2rf-iaCuJqIQ8LBn9QnNrbOzb_hP0uQ==

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 598ms
595ms Preflight
application/json 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 26 May 2021 03:18:26 GMT
x-amzn-requestid: 304c9ebd-d329-47a5-b134-ce02d3a196ab
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: f6qgVFM7oAMFSuw=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: xUYXakI_NR5t4fwn9cl0ijkOPsy1_k7H2q8CM-4zLOELcCm-vaAmnQ==

OPTIONS
H2 200 /
www.semprefamilia.com.br/cookie-exchanger/ Frame 0
0 291ms
287ms Preflight
application/json 2600:9000:2057:6800:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Protocol: H2
Server: 2600:9000:2057:6800:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Wed, 26 May 2021 03:18:25 GMT
x-amzn-requestid: fd7f235b-0f4f-4eaf-937e-9b60805a70d5
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: f6qgUHy_IAMFlxQ=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront), 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1 FRA6-C1
x-cache: Miss from cloudfront
x-amz-cf-id: E8xWK-xkuNnaoTVMUmdnrYFyrHpdc_zCx4CAQ1MbAdph0NMfM2wpjA==

OPTIONS
H2 200 /
www.umdoisesportes.com.br/cookie-exchanger/ Frame 0
0 324ms
285ms Preflight
application/json 2600:9000:214f:4000:1d:7626:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Protocol: H2
Server: 2600:9000:214f:4000:1d:7626:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Wed, 26 May 2021 03:18:26 GMT
x-amzn-requestid: a14080b8-e0d6-4093-a9ac-2f06942099ea
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-headers: Authorization,Content-Type,Content-Length,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: f6qgVF0NoAMFmkg=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront), 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1 FRA53-C1
x-cache: Miss from cloudfront
x-amz-cf-id: nK5CBHQ71lT3mVlcXoFa4LJQK_7IzvrWsjBPe46N5ID3HJc2dcM0uQ==

GET
H2 200 privatizacao-da-eletrobras-promete-energia-barata-mas-pode-elevar-tarifa.json Show response
json.gazetadopovo.com.br/economia/ 33 KB
9 KB 46ms
10ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/privatizacao-da-eletrobras-promete-energia-barata-mas-pode-elevar-tarifa.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b888dbe0099c87f2a25e1f2f770e222296c2eadd5bd66cb19b51187c38d0220

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"188ce74d98186a9129bae1d627366577"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 23:25:34 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: qQzjiRUFUZRKPrCVsWmNnNi6FRmyR6l99JGcXOz0qGCumV7bFy3LmA==

GET
H2 200 voto-impresso-auditavel-pec-relator-filipe-barros-votacao-julho.json Show response
json.gazetadopovo.com.br/republica/ 30 KB
8 KB 46ms
12ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/voto-impresso-auditavel-pec-relator-filipe-barros-votacao-julho.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d632418dd0721e653de546c8c3f5cd8ef9c89724a2fd68ccfefc96cba9618ffb

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b4b7bdd7f073cd70aa6fda14aa8b4584"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 22:12:14 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: fUeeD_StteY2EqpVkCf13zKj1Vns2fUQMqNwzGQM3C_tWqPYAGGJyw==

GET
H2 200 pacheco-diz-confiar-nas-eleicoes-mas-aceita-debate-sobre-voto-impresso.json Show response
json.gazetadopovo.com.br/republica/breves/ 15 KB
4 KB 92ms
60ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/pacheco-diz-confiar-nas-eleicoes-mas-aceita-debate-sobre-voto-impresso.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c45daafa9d150b121863b9b7e746e7bb3a143e8d8ea49287fcdb49193dcb079

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"547f4cc0d3b04164dde91c25b05c87b1"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 21:38:04 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: PZdRhi3pVzKMdU_jQLWRfo_qSJqu7-BQWympsARwujgOkKT3tIwJtg==

GET
H2 200 como-lula-pode-influenciar-bolsonaro-na-escolha-de-novo-partido.json Show response
json.gazetadopovo.com.br/republica/ 31 KB
8 KB 60ms
43ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/como-lula-pode-influenciar-bolsonaro-na-escolha-de-novo-partido.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fccfc2adbaf4c09789fb82e050b803ee7916a51dc80dac2d3b61b105d8c2a40e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"8ad645e8979153d1259da5411b4405c9"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 20:25:44 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: MKKM0vSTaJ2HqmTzKEN4iWFG3z51faA_0LR7lvcGKaazrPZeJgT1wA==

GET
H2 200 tse-autoriza-quebra-de-sigilo-contra-chapa-bolsonaro-mourao-por-ataque-hacker.json Show response
json.gazetadopovo.com.br/republica/breves/ 16 KB
4 KB 43ms
27ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/tse-autoriza-quebra-de-sigilo-contra-chapa-bolsonaro-mourao-por-ataque-hacker.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 590e9fd3747f1a5f263d7a5ac3ca5c2429ddbfcd6d51b75af09626a4441c9910

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"4ae1b828be0376a967f29d9074480ad5"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 20:54:24 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Jv_QZrj9g4HwyfPww0feARrzgKXbGRlscvjzo7IVRZ6Lcevn2zjV8Q==

GET
H2 200 a-memoria-do-holocausto-banalizada-fala-de-renan-calheiros-na-cpi-esta-fora-de-lugar.json Show response
json.gazetadopovo.com.br/ideias/ 23 KB
7 KB 39ms
26ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/a-memoria-do-holocausto-banalizada-fala-de-renan-calheiros-na-cpi-esta-fora-de-lugar.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 636bbb70e17146ed0d40f1a37db24450d472e593f3193da75412ed89e849b6c8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"ff3af265fd58b591b88ef178533abaa7"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 21:08:21 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: EhoJVfGSxi1kd7iZqnu7Ra-f6Lnx52nvcP15vuq07Mlyd1r97ekYqw==

GET
H2 200 reformas-tributaria-administrativa-ccj-lira-pacheco.json Show response
json.gazetadopovo.com.br/opiniao/editoriais/ 29 KB
6 KB 50ms
39ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/opiniao/editoriais/reformas-tributaria-administrativa-ccj-lira-pacheco.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73307ce2b78fe8463e45e9b8adde2b2396d1154bdb471be5e56075c4ab34aa41

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"82a8c619ca8f7c23e51f2676af9a09d9"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 20:59:04 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 8NJcZUbPKl3JwWnGSn993CZQO1lkKpRp25hu7udTSsAEHWyoxwTWeg==

GET
H2 200 senado-aprova-pl-do-primeiro-emprego-e-texto-segue-para-a-camara.json Show response
json.gazetadopovo.com.br/economia/breves/ 19 KB
4 KB 33ms
25ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/breves/senado-aprova-pl-do-primeiro-emprego-e-texto-segue-para-a-camara.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08f35f6879ac4f23abdaeaba1faea10cbae41f0ba7c4cfcb97da89730b087127

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d5cc15faadaf67a8c7f24ac24969a953"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 01:41:54 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: RnQZmdhkxyuURblZ5_7f7oD6nArLW2svcZLY9JCxt0CR2oviWdpj9A==

GET
H2 200 equipe-de-trump-alertou-governo-biden-sobre-iminente-crise-migratoria-na-fronteira.json Show response
json.gazetadopovo.com.br/mundo/ 33 KB
8 KB 20ms
14ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/equipe-de-trump-alertou-governo-biden-sobre-iminente-crise-migratoria-na-fronteira.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b959f68d67a202a0bd97233ffbee66a646a248bb58a3e2c5983c8f3d2f98c71c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"f86227bd7cf962dc6aa74452f98f1dc7"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 23:12:16 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 64wLTND0E0oZl-piFBloqHpZZAf0XCFEg0kwhuwYyqc4i-gTt03ifg==

GET
H2 200 projeto-do-senado-pode-enfraquecer-lei-maria-da-penha.json Show response
json.gazetadopovo.com.br/vida-e-cidadania/ 33 KB
7 KB 49ms
45ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vida-e-cidadania/projeto-do-senado-pode-enfraquecer-lei-maria-da-penha.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3867a2e3c3d638766fa04292140afcebce0199f5b2e544af9e7da35bc9d03ca

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"a8246034bada2c4e761e6f77bac0b99e"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 23:26:29 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: UFTJov5ZkEqvw_6od4sSu6qkKC-1W6_4GbNlqyWLKYJ07Y4Ilnq0Vw==

GET
H2 200 minha-visao-sobre-espetaculo-doutora-mayra-na-cpi.json Show response
json.gazetadopovo.com.br/vozes/alexandre-garcia/ 73 KB
10 KB 41ms
38ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-garcia/minha-visao-sobre-espetaculo-doutora-mayra-na-cpi.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ba5402cef6043213cfd852fc83fce90ca577f637e2063af1c37f61953366995

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"39ae4c525083588f2b8c99e615cc900f"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 00:34:19 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: s9RUWRmpLhAsgINhJLinF0uGpqbbbxPh7wyAmVUnkVtiYrzFgms8pQ==

GET
H2 200 minha-visao-sobre-espetaculo-doutora-mayra-na-cpi.json Show response
json.gazetadopovo.com.br/vozes/alexandre-garcia/ 73 KB
10 KB 41ms
39ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-garcia/minha-visao-sobre-espetaculo-doutora-mayra-na-cpi.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ba5402cef6043213cfd852fc83fce90ca577f637e2063af1c37f61953366995

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"39ae4c525083588f2b8c99e615cc900f"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 00:34:19 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: F-yIjHncgwlfTm5eZqfUcWiSNk2tE7t3h3OR0g80c1Mz5kifXH4g5g==

GET
H2 200 para-que-serve-uma-cpi.json Show response
json.gazetadopovo.com.br/vozes/thamea-danelon/ 72 KB
10 KB 58ms
56ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/thamea-danelon/para-que-serve-uma-cpi.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06a1630c35e630a049d5cd68eba29a3a4d3ce26749533c43bbe55cc61ecce183

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"8195c2a2e5964c59bc634ab09164e929"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 19:59:19 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Pgi18NbpKtPs2EEGKj3lEMne2cbFGVEIPFSZ4wNANgQNJyXjCymwOA==

GET
H2 200 para-que-serve-uma-cpi.json Show response
json.gazetadopovo.com.br/vozes/thamea-danelon/ 72 KB
10 KB 59ms
57ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/thamea-danelon/para-que-serve-uma-cpi.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06a1630c35e630a049d5cd68eba29a3a4d3ce26749533c43bbe55cc61ecce183

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"8195c2a2e5964c59bc634ab09164e929"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 19:59:19 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Jwbu5h10lhAhjA4zRNLnLJUJEGM9i6H1_2JmdiLNaQKp0l2_u3nrcw==

GET
H2 200 biden-israel-e-o-novo-warlord.json Show response
json.gazetadopovo.com.br/vozes/daniel-lopez/ 67 KB
10 KB 114ms
25ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/daniel-lopez/biden-israel-e-o-novo-warlord.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c2209d3c61e1734d3e0b117dfbc2ed043681d106570203697d45880c7d36ee1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"f8b2ca092b9d7e9bb192466913599345"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 20:10:37 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: GwJrY2O-mh4jI8LpvYpJfsNZ0aImhZsLWHujucF6UevUGpI2BrgnMQ==

GET
H2 200 biden-israel-e-o-novo-warlord.json Show response
json.gazetadopovo.com.br/vozes/daniel-lopez/ 67 KB
10 KB 118ms
30ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/daniel-lopez/biden-israel-e-o-novo-warlord.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c2209d3c61e1734d3e0b117dfbc2ed043681d106570203697d45880c7d36ee1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"f8b2ca092b9d7e9bb192466913599345"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 20:10:37 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: jmyLucytWJ26_kDlSUOHRPvBznwuTjnFlyRmo_P7WwoYNo0o4febrQ==

GET
H2 200 e-certo-negar-uma-adocao-a-uma-lesbica-e-a-quem-nao-acredita-em-homossexualidade.json Show response
json.gazetadopovo.com.br/vozes/madeleine-lacsko/ 68 KB
11 KB 127ms
0ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/madeleine-lacsko/e-certo-negar-uma-adocao-a-uma-lesbica-e-a-quem-nao-acredita-em-homossexualidade.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfcf7f1b2d25673769aac07fc4a7ee2aed0c6566ac467c6317ea4c30f34808d2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b988f0cdb3d99ed04fcd9bae26fc271d"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 21:39:13 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: snvbxyZFhsbzRTXvWrULm31PPtY2afQsB3xiZC3N2yVnx8c0PPQpjA==

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/madeleine-lacsko/e-certo-negar-uma-adocao-a-uma-lesbica-e-a-quem-nao-acredita-em-homossexualidade.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfcf7f1b2d25673769aac07fc4a7ee2aed0c6566ac467c6317ea4c30f34808d2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b988f0cdb3d99ed04fcd9bae26fc271d"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 21:39:13 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: sSVLbhybi1au3ZcCiZwWsQRw-194PbDu6CBNE_m3Z-FA2jao2nSVGA==

GET
H2 200 friends.json Show response
json.gazetadopovo.com.br/vozes/polzonoff/ 63 KB
9 KB 183ms
4ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/polzonoff/friends.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 947944495de2b8bbe49392067709a3e2ffea85c162f839685e4fe782a4f53f66

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"0081cbc1d599122e8f812bcc636bd923"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 18:07:38 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: xkSGVDNTglmIK5mr7_e-woWpEmdRNzXQ0eMpa8e8W_1NqQVW3DgX0w==

GET
H2 200 friends.json Show response
json.gazetadopovo.com.br/vozes/polzonoff/ 63 KB
9 KB 183ms
4ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/polzonoff/friends.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 947944495de2b8bbe49392067709a3e2ffea85c162f839685e4fe782a4f53f66

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"0081cbc1d599122e8f812bcc636bd923"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 18:07:38 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: gZhd1f5OLMP8pCE0ViYyESR1it8cxLWBsWLvkHWt6SzMKb8hmP7WhA==

GET
H2 200 renan-calheiros-traca-paralelo-da-gestao-federal-na-pandemia-com-o-nazismo.json Show response
json.gazetadopovo.com.br/rodrigo-constantino/ 18 KB
4 KB 228ms
49ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/rodrigo-constantino/renan-calheiros-traca-paralelo-da-gestao-federal-na-pandemia-com-o-nazismo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c3d1fdad42634214c048e06d939e06be783e801559b53ddef4752a399856d5d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"5724ca7befb7f8698d7751623dbf9d0f"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 14:09:11 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 2UJRx77NaHL_lnx8wjs6UE0VoYSmiVPI7QHEx43QKhe_ZIq_6orEgg==

GET
H2 200 renan-calheiros-traca-paralelo-da-gestao-federal-na-pandemia-com-o-nazismo.json Show response
json.gazetadopovo.com.br/rodrigo-constantino/ 18 KB
4 KB 228ms
50ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/rodrigo-constantino/renan-calheiros-traca-paralelo-da-gestao-federal-na-pandemia-com-o-nazismo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c3d1fdad42634214c048e06d939e06be783e801559b53ddef4752a399856d5d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"5724ca7befb7f8698d7751623dbf9d0f"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 14:09:11 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: CnybM7m59NrWh0p9_ZLKUrK_RXcX9lGCfoRn3i1OuRPS4V9AxiwpxA==

GET
H2 200 sera-preciso-revacinar-idosos-que-tomaram-coronavac.json Show response
www.semprefamilia.com.br/json/saude/ 23 KB
24 KB 595ms
395ms XHR
application/json 2600:9000:2057:6800:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/saude/sera-preciso-revacinar-idosos-que-tomaram-coronavac.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6800:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52696f26e772fcaf37a7d2b55dc13c2384941011a23815bbcef63800291c6954

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:26 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-length: 23678
last-modified: Tue, 25 May 2021 21:24:48 GMT
server: AmazonS3
etag: "b9e16c8db0d141f752ea8ea2e7ebb3f8"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: null
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: rdDfilM4BW7bPtEaScSp__q2qF3yhKW0uyMdkVVQx4GYQJQhmk2GFw==

GET
H2 200 sociedade-de-virologia-confirma-nova-variante-do-coronavirus-no-interior-de-sp.json Show response
json.gazetadopovo.com.br/republica/breves/ 17 KB
4 KB 147ms
5ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/sociedade-de-virologia-confirma-nova-variante-do-coronavirus-no-interior-de-sp.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55bb2eef71870ee77106282e7503bfb448af6c24a9ec9d97b0a65d98212aa4ef

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c9dc4ed03015eea6d49f5d5021dbb653"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 01:32:53 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: VNZeHOeMaLNZTo-IS8VJW_xSFB6Psrablm929qpTXzAAzwfJTa5Qig==

GET
H2 200 portuarios-e-aeroviarios-sao-incluidos-nos-grupos-prioritarios-de-vacinacao.json Show response
json.gazetadopovo.com.br/republica/breves/ 16 KB
4 KB 205ms
63ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/breves/portuarios-e-aeroviarios-sao-incluidos-nos-grupos-prioritarios-de-vacinacao.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6706bfce24d8f1ee86d5d618d32c800adfdc1099c8fa00550bb30ae9fa8419c5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"52fe5c5df429df893a379e19c762fea3"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 01:59:48 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Kp6FQRnrQGnt59IKEpG21uOxh_DbGBikk66nfOPY0t6RFHzA3sIghg==

GET
H2 200 guedes-gringos-entrarao-com-dolar-a-r-550-e-poderao-sair-com-moeda-a-r-3.json Show response
json.gazetadopovo.com.br/economia/breves/ 12 KB
3 KB 162ms
20ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/breves/guedes-gringos-entrarao-com-dolar-a-r-550-e-poderao-sair-com-moeda-a-r-3.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16f9f05684e6bd86ca7a9169d289485333d3119b7f8e601673af93bcecc812b3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"f9ce897bdc0b64f2df6543e9cab44b13"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 22:04:21 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: TN3IPmJc-w0HMpnj_acDfrWQEjgdHvv-TR7xMcadeZNxsIz4_K9q4w==

GET
H2 200 guedes-ve-potencial-de-criacao-imediata-de-2-milhoes-de-empregos-com-bip.json Show response
json.gazetadopovo.com.br/economia/breves/ 14 KB
3 KB 160ms
19ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/breves/guedes-ve-potencial-de-criacao-imediata-de-2-milhoes-de-empregos-com-bip.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d1696718111f0ba35a3f0b5425c531dbf987ef06fe710ff1023f2e3c83af004

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"f8aee1d3df60e842b2afc8d4f53f1049"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 22:29:30 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: zemQV_la2zR9d9jKTe68wfjhpM4lTmvqC3y3MPeTw4d_FW9l1KTQ7g==

GET
H2 200 mayra-diz-que-cloroquina-nao-cura-covid-19-mas-pede-fim-de-ideologia.json Show response
json.gazetadopovo.com.br/republica/ 31 KB
7 KB 162ms
21ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/mayra-diz-que-cloroquina-nao-cura-covid-19-mas-pede-fim-de-ideologia.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 852da19cf10c3fc43a6ab9ab8d3e1b5c59162931b7df7e81db9c4190ce21e024

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"07937ebc10ac34d06561daf7690a888f"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 21:17:23 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: hLdLiwsvlxifIXaaCfPj9hoMv1XjepHePFjA_Y-3lUKV9-BBkM6-9Q==

GET
H2 200 apos-tregua-em-gaza-eua-acenam-a-palestinos-e-abandonam-posicoes-de-trump.json Show response
json.gazetadopovo.com.br/mundo/ 34 KB
7 KB 146ms
6ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/apos-tregua-em-gaza-eua-acenam-a-palestinos-e-abandonam-posicoes-de-trump.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2a873a3d48182cb8251da66c51ba8a93a7d42c6e103ba8a94a17d4109320479

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"ac6f802cdd8ad9a0d9e9583b3eb74787"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 00:31:03 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: xRCUZOf7_e-UCl7pNmFFMRdoClyByVB9iXtjAqSEqxJ4s-Xujq2J1A==

GET
H2 200 bispo-de-xinjiang-e-10-padres-presos-pelo-regime-chines-denunciam-sites-cristaos.json Show response
json.gazetadopovo.com.br/mundo/breves/ 13 KB
3 KB 145ms
5ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/breves/bispo-de-xinjiang-e-10-padres-presos-pelo-regime-chines-denunciam-sites-cristaos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18a9c08a67e7163c760780c38e453b2632db0b701be41e0ef97bb7e72e949894

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"62989039dac82ff21340636249d5e0f3"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 16:11:06 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: zrv85CE4acsHcG0D2d-joE0YiPapAw71dxoHEPSdLuNJD0yvagOD9g==

GET
H2 200 parana-bate-recorde-pessoas-internadas-covid-19.json Show response
json.gazetadopovo.com.br/parana/ 18 KB
5 KB 162ms
22ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/parana-bate-recorde-pessoas-internadas-covid-19.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 555e424c7edf624d96ef1e56bda6a0bcb0cfee525e373846ebba63864f30aa20

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"6b609cce05d8876d28e88a0751338ee3"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 02:23:55 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: SoxD0I-e6ySJdTwytFDEwpDWiikZjmn-88Wf4LqEQqt2oLVI3oA-2w==

GET
H2 200 pr-soma-mais-100-casos-troca-vacinas.json Show response
json.gazetadopovo.com.br/parana/breves/ 16 KB
4 KB 209ms
70ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/breves/pr-soma-mais-100-casos-troca-vacinas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40d3345ee6b0f20292a76da21c41887b4eee45480c535a06eca711f56efe5fa9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"eea78e84508995e247fd764de56354b7"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 20:53:52 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: D8h_IpXsfxUZvQH4oqR6JzfSGApheS1xmIA5bWsm5Dt1l8QCVrhDPA==

GET
H2 200 parana-suspende-cirurgias-eletivas-em-hospitais-publicos-e-privados-por-um-mes.json Show response
json.gazetadopovo.com.br/parana/breves/ 16 KB
4 KB 162ms
23ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/breves/parana-suspende-cirurgias-eletivas-em-hospitais-publicos-e-privados-por-um-mes.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f212b5a4760aa6c2c8016eddc5cd076c57b8bbde54a6c39d5e35b43e752a614

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"ba66e7a421155200ff109df4603b3c8a"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 23:54:40 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 5tCXiAUaB4KBeCUBFGW1E_qYSU87mRepaYp_diJ6RmQeZH8oVZwx9g==

GET
H2 200 pandemia-curitiba-prorroga-bandeira-laranja.json Show response
json.gazetadopovo.com.br/curitiba/ 23 KB
6 KB 162ms
24ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/curitiba/pandemia-curitiba-prorroga-bandeira-laranja.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccdbe7d833507569fab5da9f6139875ad8eeee6d3ee5dc115639d311214f5a06

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"a85ba6eff6625e510029753006cb26ec"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 21:52:27 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: uJ114WpeGYJSaK23Ah_fw9699S37CTEXMzLIQiF1rduZLQGSRRlrsA==

GET
H2 200 em-novo-decreto-parana-aumenta-toque-de-recolher-e-reduz-horario-de-supermercados.json Show response
json.gazetadopovo.com.br/parana/ 35 KB
6 KB 164ms
25ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/em-novo-decreto-parana-aumenta-toque-de-recolher-e-reduz-horario-de-supermercados.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf881207f0c51a462aaa8e58979f0c287b8ae26bd0c13422914e44b684e4ab9b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d0c0a72491172a2a0c7e56151a456020"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 22:08:59 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 0Qm6PbPaegYlDJfGohqdDETPEOXQQmOfHffiN8Lq4B8OcP5_mQKysg==

GET
H2 200 delivery-ate-21h-e-mercados-fechados-foram-resposta-a-apelo-de-prontos-socorros.json Show response
json.gazetadopovo.com.br/curitiba/ 31 KB
7 KB 177ms
39ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/curitiba/delivery-ate-21h-e-mercados-fechados-foram-resposta-a-apelo-de-prontos-socorros.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36e2f0fb30c9da1032e24b2b7c038f1bc4c1e88c6d42d6ca57d6894d8cf1869a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"fe22324f7e34e9062f36163971436776"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 19:15:23 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: Le7XLoR6kGlJRcPr8LmD7IdGmJAUo5VMGJt8UZZ7oBgiodyQVJfDaw==

GET
H2 200 secretario-presta-contas-assembleia-primeiro-quadrimestre-2021.json Show response
json.gazetadopovo.com.br/vozes/roger-pereira/ 67 KB
10 KB 184ms
46ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/roger-pereira/secretario-presta-contas-assembleia-primeiro-quadrimestre-2021.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2e4ab0f93e6e2c8a18fbf2a8f263b791f904a3538676487f0431f3396dfb69c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b6b9cab48eadefd7c29710562ebc449b"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 22:24:59 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 2Ky08it7vmHJe2ddNogFYGspOxTgkhrJvjiaTarWwbSbef9wa8bHsQ==

GET
H2 200 curitiba-vacina-pessoas-com-deficiencia-40-anos.json Show response
json.gazetadopovo.com.br/curitiba/ 20 KB
5 KB 162ms
24ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/curitiba/curitiba-vacina-pessoas-com-deficiencia-40-anos.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d518bbaf6d084b4d7b030c55b630957ac86019a289f318495a4487b606530d4a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"d7435b4f6b03c32b7559e4ae9e9b2441"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 22:38:06 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: RJaWbgvq0aQmKGAA986OGkmRNVhgs_2NMM5TkPlaJDPLTu_hsqAf9w==

GET
H2 200 curitiba-mantem-vacinacao-somente-pessoas-com-deficiencia.json Show response
json.gazetadopovo.com.br/curitiba/breves/ 17 KB
4 KB 184ms
47ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/curitiba/breves/curitiba-mantem-vacinacao-somente-pessoas-com-deficiencia.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9ea13048b57a6cc1364b0ef66887fb5d96f7c8dd2aa37e2d4afcec04d83bab8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"46ed002538f4838bb51ba0c6820ec8f2"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 22:55:35 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: yfBhr69VAxCx8zcb6a0oP7Tj2xicJZ4pY3yCgB2rq5VKLgbIpOT06Q==

GET
H2 200 parana-mais-2056-casos-e-morte-dengue.json Show response
json.gazetadopovo.com.br/parana/breves/ 15 KB
4 KB 182ms
46ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/parana/breves/parana-mais-2056-casos-e-morte-dengue.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 93d0885e13a1ac4faa990a731665d3a205da31f1d1b5dfe8fb3ca298e63727f7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"4c160b91d2e328644798911bfafbed3e"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 23:29:46 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 0wWaByXX3qDeTbO4nbbn7GdwqDKbVaaTz9X8iG6GvOfJvLq6UJaXHw==

GET
H2 200 guararapes-cuidados-com-a-casa-na-pandemia-impulsionam-negocios-de-fabricante-de-mdf.json Show response
json.gazetadopovo.com.br/vozes/parana-sa/ 67 KB
9 KB 185ms
48ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/parana-sa/guararapes-cuidados-com-a-casa-na-pandemia-impulsionam-negocios-de-fabricante-de-mdf.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80e1dc80b8c68a838f91b1d9e9d1235ea367baa2c77bdf2132df8a544d3de78c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"fee72caa099c1ad69ffeaad920889974"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 23:46:53 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: BT1KYUUqKmHlmX0bWGDpnz7J5_2vEQES4AklQxxaP3n9LrO54WTyyw==

GET prefeitura-de-curitiba-amplia-decreto-e-decisao-afeta-jogo-do-athletico.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/athletico/breves/ 0
0

GET athletico-aspirante-decepcao-destaque.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/athletico/ 0
0

GET boa-fase-copa-do-brasil-sub-20-coritiba-promessas-destaques.json
json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/coritiba/ 0
0

GET
H2 200 quem-e-rocco-morabito-mafioso-italiano-rei-da-cocaina-de-milao-preso-pela-pf.json Show response
json.gazetadopovo.com.br/mundo/ 29 KB
7 KB 206ms
71ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/quem-e-rocco-morabito-mafioso-italiano-rei-da-cocaina-de-milao-preso-pela-pf.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63acc27dcd80e568abbd96d95e65e925348eb0f5b0750bb559d91d9a2d1d0393

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"bd26176d3334c6c8d8874f78cf19275a"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 20:11:33 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: BsMwmZIdguKvH9BVzuCrzNA-ctkQR8K8o0dgtDp4cwtBU6qlzRbDqw==

GET
H2 200 projeto-quer-obrigar-presos-condenados-pagar-indenizacao-vitimas.json Show response
json.gazetadopovo.com.br/vida-e-cidadania/breves/ 16 KB
3 KB 191ms
56ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vida-e-cidadania/breves/projeto-quer-obrigar-presos-condenados-pagar-indenizacao-vitimas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6542b021af6e6e33e9384b6ee9376a78014297e9eb978ee4c19f8a55b7ab36b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"5d6cc52e13256e4cc22173eb97f8fe5c"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 23:07:07 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 8uHy-wzQd4iR0f1a6zuVx2mBRa0K8VfH_p2vNl9gJSAD0GRsyZf1vg==

GET
H2 200 campanha-nacional-vai-coletar-dna-de-familiares-de-pessoas-desaparecidas.json Show response
json.gazetadopovo.com.br/vida-e-cidadania/breves/ 17 KB
4 KB 192ms
58ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vida-e-cidadania/breves/campanha-nacional-vai-coletar-dna-de-familiares-de-pessoas-desaparecidas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7cab60fc67f0bcbee3307df4852d61ca49e01aeedb908faa3637f6926af993a8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"e855c7954243e029567d6d2d11d66823"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 20:42:36 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: CHYtMZP0dQiAOnUwPVJeATXFsk1vND6WWlRb9Xd4SbYosIIvsPZ4BA==

GET
H2 200 casa-cor-sao-paulo-2021-parque-mirante-arena-allianz-parque.json Show response
json.gazetadopovo.com.br/haus/decoracao/ 58 KB
7 KB 206ms
72ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/haus/decoracao/casa-cor-sao-paulo-2021-parque-mirante-arena-allianz-parque.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68216ed78f980c63fc2754887d5894211990b8925a9b975e57ec206d5cd52ba8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"38bc2415b4dc4b7ac7650eecad5af18c"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 19:49:33 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: kHkUX0GeX7xPqX-KdPyIGwp41yhKCXO9NCgKZ5RdBNXSHju5ibQM4A==

GET
H2 200 e-se-a-pandemia-foi-criada-pelo-homem.json Show response
json.gazetadopovo.com.br/ideias/ 44 KB
9 KB 193ms
59ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/e-se-a-pandemia-foi-criada-pelo-homem.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74ecfcfe6c9e611b97c12722c96b763c93c54969001ab4d6787df0e2bb2c0e11

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9bbbab4a24619a6030c23b11232be599"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 22:00:06 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: mBOUXp7PqpfGlxE-rENbeVb-MUMyJStRLlhu1IQd_dh3m0SayQtTcQ==

GET
H2 200 por-que-ate-mesmo-progressistas-deveriam-duvidar-das-mudancas-climaticas.json Show response
json.gazetadopovo.com.br/ideias/ 22 KB
7 KB 194ms
61ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/por-que-ate-mesmo-progressistas-deveriam-duvidar-das-mudancas-climaticas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b1503366662f28135d369469f4c750003f4c04f5b80974aa939e094a0c432ae

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"a4f7110ef313f37e0554c83a936d0c27"
age: 54
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 20 Nov 2019 19:13:53 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: vZ_Gka8lyf3v5dSs0SWG-QoO6rPKzbuKKfUel7Evn4sEuPBEicrbaA==

GET
H2 200 o-anjo-de-hamburgo-a-heroina-brasileira-que-salvou-centenas-de-judeus.json Show response
json.gazetadopovo.com.br/ideias/ 19 KB
6 KB 195ms
62ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/o-anjo-de-hamburgo-a-heroina-brasileira-que-salvou-centenas-de-judeus.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5fbbce9960ebd724c035b23c1f9ee31f9cd44ee2d0202af19afe01e01b29d23

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"be18fe4222ed89aeee7804eb53696cf3"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 15:20:20 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: IqG5CsEyiVk9zog66yEeuN9owZGPYxpeY6Ufyca_mhAh11p-94E06A==

GET
H2 200 leitor-imprensa-fazer-as-pazes.json Show response
json.gazetadopovo.com.br/vozes/polzonoff/ 68 KB
11 KB 193ms
60ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/polzonoff/leitor-imprensa-fazer-as-pazes.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87475069b20cfb385c2171eb44b8b0af1ca2bde476132fad4c53d82de5af0026

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"0b35d1c4ed858f2cf42f501eb2d15529"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 24 May 2021 17:15:35 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 3BhxS19ueUDmGu9gUi8CVxiPDkL_zMQfWLOPhbnBo4sKTF4g7hdoVQ==

GET
H2 200 quando-buscar-advogado-para-fazer-testamento-e-qual-a-importancia-de-se-fazer-um.json Show response
www.semprefamilia.com.br/json/comportamento/ 20 KB
20 KB 566ms
381ms XHR
application/json 2600:9000:2057:6800:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/comportamento/quando-buscar-advogado-para-fazer-testamento-e-qual-a-importancia-de-se-fazer-um.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6800:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99e56450a9a9941d84cb731a453dfaaa613b26104be0bb2bd3b4b9dbfe4f84a2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
etag: "09a093b667a8594517f2f748866d69de"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
content-length: 20116
last-modified: Tue, 25 May 2021 21:45:59 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:26 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: WHyeO-C74_O4x1-E0oclMV1Knisurz6IhSUc92Ls_zSMYFZ8tPS9SQ==

GET
H2 200 empresario-doa-mil-dolares-a-cada-estudante-em-formatura-para-estimular-generosidade.json Show response
www.semprefamilia.com.br/json/virtudes-e-valores/ 18 KB
18 KB 586ms
402ms XHR
application/json 2600:9000:2057:6800:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/virtudes-e-valores/empresario-doa-mil-dolares-a-cada-estudante-em-formatura-para-estimular-generosidade.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6800:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20c7f4e40382fa05849d164058829e4711f78dedcc4b85c9d964ed4519318edf

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
etag: "4395a0afb38c36cb68b16ff923dc39d4"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
content-length: 18242
last-modified: Tue, 25 May 2021 19:59:12 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:26 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: 5WBd4BhKe0GLZErGCZAlaq67EtR476BXksspK4hbZzPqSb5TQqSqZQ==

GET
H2 200 recomecar-redescobrir-e-reencantar-manter-a-vitalidade-do-casamento-requer-decisao-diaria.json Show response
www.semprefamilia.com.br/json/casamento-e-compromisso/ 21 KB
21 KB 572ms
387ms XHR
application/json 2600:9000:2057:6800:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/casamento-e-compromisso/recomecar-redescobrir-e-reencantar-manter-a-vitalidade-do-casamento-requer-decisao-diaria.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6800:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c5c759d89dd4e1b4495b53d3a24edb1de99e256e260c74d339d0183cc48ec11

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:26 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-length: 21438
last-modified: Mon, 24 May 2021 21:34:10 GMT
server: AmazonS3
etag: "fa82a7afad4d7091800de214562889f3"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-amz-version-id: null
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: bhkjEFRnru5docW8SbmmpDnVl0FAGrMbuzR8e6zJ3QSviSITEFoTAA==

GET
H2 200 abacate-ou-avocado-entenda-a-diferenca-e-quando-usar-cada-um.json Show response
json.gazetadopovo.com.br/bomgourmet/produtos-ingredientes/ 41 KB
6 KB 206ms
72ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/bomgourmet/produtos-ingredientes/abacate-ou-avocado-entenda-a-diferenca-e-quando-usar-cada-um.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88e5a8dbf7bf2e7cdbd6f3a99e8cf83f8c6b8e27f416643af8dae601784d0556

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"e934b3fb99fc8e42635a0c39d5342236"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 24 May 2021 21:37:22 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: vVGUdxnXIxf-fDOOaDuntQB86ZttiRGXiJNHlcWPBPLU6n_wk-2lnA==

GET
H2 200 pazuello-pode-ser-punido-pelo-exercito.json Show response
json.gazetadopovo.com.br/republica/ 16 KB
4 KB 193ms
71ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/pazuello-pode-ser-punido-pelo-exercito.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9973fd176a6450ff7e0ed56a7f74d9e9e5f391b982f683e158089ad011cf0c19

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"e15b13582b02b753e5ee7fb895ca5efb"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 19:51:10 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 1MUbdsXP9c0hHHJIDU2TBmPUxiyuiEAV1OrwRrmLwQ9lLPOUjLCuGg==

GET
H2 200 segunda-dose-vacina-covid-19-intervalo.json Show response
json.gazetadopovo.com.br/republica/ 16 KB
4 KB 186ms
89ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/segunda-dose-vacina-covid-19-intervalo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20fdc38d216fb194ee793c0dd7747c4b9a6e4787fe00daa50dce4519094d4c0c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"a5a1c95c231164cb00fabf0cf23ef9bb"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 24 May 2021 19:44:32 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: bziTfE5poYtdQDVgKHswoLqX5RAy586Wzs3TGb7eY4_wM1kCKrZCiQ==

GET
H2 200 ideias-199-o-bolsonarismo-se-tornou-uma-religiao-civil.json Show response
json.gazetadopovo.com.br/ideias/ 16 KB
4 KB 177ms
81ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/ideias-199-o-bolsonarismo-se-tornou-uma-religiao-civil.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01b275470b7295b8acc7483323bb9e49447942d899d95c65748e13431e9878a7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"f60f80a74cad4a746133da7c1ad7009a"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 23 May 2021 23:07:13 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: o-RHEhwzI_DIN9r36QctkW1TgZNmIEDcbHwcHVpWiJ65GMkuHrIkWA==

GET
H2 200 o-papo-e-27-como-o-voto-auditavel-pode-beneficiar-as-eleicoes.json Show response
json.gazetadopovo.com.br/ideias/ 12 KB
3 KB 170ms
74ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/o-papo-e-27-como-o-voto-auditavel-pode-beneficiar-as-eleicoes.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db112ee5252a8e97845314defa73060bd5001625b6c58c2baf181d520c5372e1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"0d628d955ce471f6ba0c5187d91c16be"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 22 May 2021 19:44:53 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: KuAf4yrLjnLH8Bdz8RoDzpspaBFk7e4cgjc6Ar46Pz8htlGrfqOtxA==

GET
H2 200 cpi-da-covid-19-pazuello-relatorio.json Show response
json.gazetadopovo.com.br/republica/ 19 KB
5 KB 163ms
82ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/cpi-da-covid-19-pazuello-relatorio.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2f6255b50bd33353d70e26e12d4df1bfec37fdfe507d10316e9cf8239ddaba48

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c293d5ac91a4661c8b70818e8cefb930"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 May 2021 20:19:15 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: qF_w4K6qKqp_xsWv8HZQj9stlOXu2mY4-svAGqv7RTWXZGxGxZdKxw==

GET
H2 200 ex-feminista-explica-por-que-mudou-de-lado-depois-do-falso-estupro-culposo.json Show response
json.gazetadopovo.com.br/vozes/cristina-graeml/ 73 KB
11 KB 154ms
78ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/cristina-graeml/ex-feminista-explica-por-que-mudou-de-lado-depois-do-falso-estupro-culposo.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2440b924a2ad61372873b14ce3831cac0292284d9ccaf8f4cbd21a688e379c72

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"c4b2b4ef2356c2ed0e8d8e75527e0426"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Mon, 24 May 2021 18:21:27 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: vjc1bsANt5yZdc-lTnIKF-5m1EySrNsuv7P5nVHyNQY5geLX6UdG6w==

GET
H2 200 reforma-politica-volta-a-pauta-o-que-pode-mudar-em-2022.json Show response
json.gazetadopovo.com.br/republica/ 19 KB
4 KB 158ms
82ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/reforma-politica-volta-a-pauta-o-que-pode-mudar-em-2022.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f091002bad9948e083bf04fe03ce488e6cd253af0f36774ed96ad80735311b82

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"02bd9381a402f18b1aa64ff71e946b32"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 22 May 2021 12:59:47 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: smgandNgi1NEM-lFGx1xFpwCReaKM9C2Hk_11Htea_Db34-H6X_Jew==

GET
H2 200 justica-eleitoral-causa-revolta-ao-se-opor-ao-voto-impresso-auditavel.json Show response
json.gazetadopovo.com.br/vozes/cristina-graeml/ 83 KB
15 KB 157ms
81ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/cristina-graeml/justica-eleitoral-causa-revolta-ao-se-opor-ao-voto-impresso-auditavel.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a25c34cc55d9ea12fbfb931f94f336dcc749de1fc4e556e2372b93d20063ac3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"6ceb14a7b08fbab2ea5a9021d3c7bd8d"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sat, 22 May 2021 17:46:07 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: x89OPJheZGwWL2imvqBC2O0Yc1apFFRL8M6saB7sk5_FC2mM0G-mbQ==

GET
H2 200 a-vacina-da-astrazeneca-foi-suspensa-para-gestantes.json Show response
json.gazetadopovo.com.br/republica/ 21 KB
5 KB 154ms
79ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/a-vacina-da-astrazeneca-foi-suspensa-para-gestantes.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acfb4a6c89ae97ac13b3c8fb69f96205546f3cf96d1d406caa1861eec6f13c94

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"8903e8988e7e8399e330f8b34c0d05e9"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 May 2021 12:03:51 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: cqUhDCEW9t4nLOaXwFzhWnOmlYAenbnXME5rdv5UVUUcdk0AxGMvdQ==

GET
H2 200 como-lula-pode-influenciar-bolsonaro-na-escolha-de-novo-partido.json Show response
json.gazetadopovo.com.br/republica/ 31 KB
8 KB 148ms
73ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/como-lula-pode-influenciar-bolsonaro-na-escolha-de-novo-partido.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fccfc2adbaf4c09789fb82e050b803ee7916a51dc80dac2d3b61b105d8c2a40e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"8ad645e8979153d1259da5411b4405c9"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 20:25:44 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 7dPzq8WZKDQjU8erGV26FGgzkl4rmaP5REZLipG7FwwVfL7914oUtQ==

GET
H2 200 ato-26-05-centrais-sindicais-auxilio-600.json Show response
json.gazetadopovo.com.br/economia/ 26 KB
6 KB 157ms
82ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/ato-26-05-centrais-sindicais-auxilio-600.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8f2f0a8d142f55cd42774ec998ba8aefd02c7e68780cb506cccd27852e5e3a3

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"9aadb2abbcbe2c3a5dcf308da4b88d44"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 18:31:39 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 2SYnJUkrvurnXDGp_z7QfUKNQ4iOad_rySWTnw8jP6gWzdC9-d7kGQ==

GET
H2 200 commodities-motivos-alta-impacto-brasil.json Show response
json.gazetadopovo.com.br/economia/ 25 KB
7 KB 156ms
81ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/commodities-motivos-alta-impacto-brasil.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac3a92c14118d102cacd87e2685f762787820943829d2ba3ecbdbf942282e698

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"fab5135775750bc3f557678c9cdcb5a6"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 19:11:22 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: ZeyOCWBx0IJlQNODDpgfT-nTfHSQtoSYgG9Yo64DT2jRBX55C5-WkQ==

GET
H2 200 pesquisa-ipc-maps-2021-consumo-das-familias-brasil.json Show response
json.gazetadopovo.com.br/economia/ 23 KB
6 KB 161ms
87ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/economia/pesquisa-ipc-maps-2021-consumo-das-familias-brasil.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b0ffd95ea5a326d9d17b98f4e76b38a0490298b96db5f7a3db5371823e7aeb4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"39a3e4fa8f03895aacd00a610abfcb9c"
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 16:03:52 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-id: 6HvqSlakqAnza2FX57VNnvKbN67CRPsmGKNRHkQp8JkkzyOTAVdd9w==

GET cxense.json
apps.gazetadopovo.com.br/cxense/ 0
0

GET
H2 200 / Show response
comments.gazetadopovo.com.br/content/count/comments/ 2 KB
3 KB 134ms
133ms XHR
application/json 2600:9000:20eb:de00:4:5c96:9080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://comments.gazetadopovo.com.br/content/count/comments/?keys=[%2231c8a960-bdb0-11eb-af7a-d7af4fcd18b1%22,%22f2414770-bda5-11eb-b111-53bb9305488d%22,%22ada7c710-bd96-11eb-aede-1bdb6e664582%22,%22493dbcb0-bd9d-11eb-aa35-f79423ec32ff%22,%2260975060-bd98-11eb-aede-1bdb6e664582%22,%22e190d7d0-bdad-11eb-a572-814ef8bc1c0e%22,%228d691520-bdb0-11eb-af7a-d7af4fcd18b1%22,%22f5ad5930-bdb9-11eb-b3c3-db9afbf14367%22,%2296114b10-bd93-11eb-aede-1bdb6e664582%22,%222c85b4c0-bd9c-11eb-aa35-f79423ec32ff%22,%22b506e920-bda3-11eb-abdb-ed9be672da19%22,%22832207a0-bd9e-11eb-b111-53bb9305488d%22,%22d912b9c0-bdb7-11eb-b3c3-db9afbf14367%22,%22563aa920-bdb4-11eb-b3c3-db9afbf14367%22,%2262c4c570-bd9d-11eb-aa35-f79423ec32ff%22,%22fe78cd90-bda7-11eb-9610-5f2e4568e910%22,%22d4a0c200-bda9-11eb-9610-5f2e4568e910%22,%22b07985e0-bdb0-11eb-a572-814ef8bc1c0e%22,%227027bc20-bdb3-11eb-b3c3-db9afbf14367%22,%22fb2e87c0-bdab-11eb-a572-814ef8bc1c0e%22,%228d58a1c0-bdad-11eb-8f2a-e3aa835631fa%22,%226d383af0-bd7f-11eb-83f2-03ff0a62dc44%22,%2299fa8570-bd8e-11eb-bbd9-d1be10fc55dd%22,%221683cb60-bdad-11eb-a572-814ef8bc1c0e%22,%2220654b00-bd98-11eb-aede-1bdb6e664582%22,%2247a76640-bd92-11eb-aede-1bdb6e664582%22,%222692e760-bda4-11eb-abdb-ed9be672da19%22,%22e3d2b370-0bc9-11ea-a40b-d194e2f2a6d0%22,%22bd5a4b90-bcc6-11eb-adb8-f5b0de1dec40%22,%229b1514b0-bcb3-11eb-8fab-89b62222d416%22,%22ce67b720-bda1-11eb-abdb-ed9be672da19%22,%22a28a8000-bd93-11eb-aede-1bdb6e664582%22,%22badc1c70-bcd7-11eb-b3a8-1977b37ccede%22,%2288997780-b714-11eb-a37a-bb4e046caf15%22,%228d27e910-bd92-11eb-9b7f-f7d3040791d7%22,%2275472510-bcc8-11eb-9fb2-db00e91fac0c%22,%229ba6f080-bc1b-11eb-8e24-a11882f0babb%22,%220e7132e0-baa2-11eb-b949-0564bf22cd17%22,%22cfaa3000-ba71-11eb-a5e1-3fda3f8b335a%22,%22da0cd640-bcbc-11eb-b38c-5bdc877f1bba%22,%2295934140-bafd-11eb-b921-9f48b67961da%22,%2264ba14c0-ba87-11eb-b51f-29abcc5187fd%22,%229b23bcb0-ba2c-11eb-bfaf-af6a387658e9%22]
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:de00:4:5c96:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: c8ec2e2e93b72743364006e9a53e1846f895ff2cebf0fc48fb381535771d88a3

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 May 2021 03:18:25 GMT
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront), 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
etag: W/"787-0GIvlKajsvuqIj7w5oP8F/zz+yk"
x-amzn-remapped-content-length: 1927
x-amzn-remapped-date: Wed, 26 May 2021 03:18:25 GMT
x-amz-cf-pop: FRA2-C2, FRA2-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: f6qgTG9RIAMFbvA=
content-length: 1927
x-amzn-requestid: b75cf57b-e2da-4395-9763-2efef6d56cb3
x-amzn-trace-id: Root=1-60adbe01-7128354f6252a27f16bbd93a;Sampled=0
access-control-allow-methods: *
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: 5KaAsg6KDgi7erTYQsArVkTKIfFqt8yN3k42SZi8b4LDtkzxHrk2Nw==
x-amzn-remapped-connection: close

GET
H2 200 saiba-agora.json Show response
www.gazetadopovo.com.br/json/ 50 KB
7 KB 14ms
8ms XHR
application/json 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/saiba-agora.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27477029c457d44fc7cd63829bae7b0b5f5774d475fe1c73bf0217e995bf72d6

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: GPSDK_SESID=us-east-1-08405360-bdd1-11eb-b84c-e1ea474c3e80; GPSDK_TKTID=us-east-1-08405360-bdd1-11eb-b84c-e1ea474c3e80; GPSDK_LOCCT=ZURICH; GPSDK_LOCCY=SWITZERLAND; GPSDK_LOCRG=ZURICH
:path: /json/saiba-agora.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:17:32 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 02:00:30 GMT
server: AmazonS3
age: 54
etag: W/"07f19a85ae79142a254661875f941160"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA2-C1
content-type: application/json
x-amz-cf-id: bJJfBAe_f85-mMZveo5_J1niyJAkQkqnWulctX-kRB0xdgOQtgZzQA==

GET
H2 200 mais-lidas.json Show response
www.gazetadopovo.com.br/json/ 2 KB
1 KB 10ms
9ms XHR
application/json 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/mais-lidas.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe65e5ed6a0ff0440efc6b64cdcc556eeda097c65d9e1cfdade8863865814fed

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: GPSDK_SESID=us-east-1-08405360-bdd1-11eb-b84c-e1ea474c3e80; GPSDK_TKTID=us-east-1-08405360-bdd1-11eb-b84c-e1ea474c3e80; GPSDK_LOCCT=ZURICH; GPSDK_LOCCY=SWITZERLAND; GPSDK_LOCRG=ZURICH
:path: /json/mais-lidas.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:17:32 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 03:04:51 GMT
server: AmazonS3
age: 54
etag: W/"f8a525891fae8d39000b21d01a5c135d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: application/json
x-amz-cf-id: J-qfidmj7_ZkLBMSYuahUsqm83SDGZzR3uYi24HtnVnZkBRYlcXrUg==

GET
H2 200 config.json Show response
www.gazetadopovo.com.br/json/ 59 KB
7 KB 14ms
7ms XHR
application/json 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/config.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fefaf3477432f0f3cd7e9d9d744c93e27b44c7d058db0de75e7bbc2015f2c4fa

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: GPSDK_SESID=us-east-1-08405360-bdd1-11eb-b84c-e1ea474c3e80; GPSDK_TKTID=us-east-1-08405360-bdd1-11eb-b84c-e1ea474c3e80; GPSDK_LOCCT=ZURICH; GPSDK_LOCCY=SWITZERLAND; GPSDK_LOCRG=ZURICH
:path: /json/config.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 25 May 2021 21:17:58 GMT
server: AmazonS3
age: 54
etag: W/"b1870d833cab40d07bd5bc1a82f99f97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
date: Wed, 26 May 2021 03:17:32 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: AZgZMPCoQHkr2ydEW2WvKcEB44F-Ve1_H7HwCykMaJCSTdHu74BGyg==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 328ms
318ms XHR
application/json 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: / Express
Resource Hash: 837cc2a7c32ca7976ac13d39a4f1cefae2aee2367b46cb95e46d39ffce5e1aac

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 May 2021 03:18:26 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
etag: W/"4e1-6hZY/q5VXrebJYwT4IePz+YxyZQ"
x-amzn-remapped-content-length: 1249
x-amzn-remapped-date: Wed, 26 May 2021 03:18:26 GMT
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: f6qgXEo_IAMFvjg=
content-length: 1249
x-amzn-requestid: da40a38b-f018-4425-a88e-8cce41c30df1
x-amzn-trace-id: Root=1-60adbe02-118fc9b8002c7e9a644a1926;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: VTalmW98u7-D39Zqr2r8F062kh8LZfKreFonDLnfnQYUbpr6FqUetA==
x-amzn-remapped-connection: close

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 317ms
317ms XHR
application/json 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: / Express
Resource Hash: 2758d89e79e79286527802577236633cc4e2b2c21e085423984614d5f166bcfb

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 May 2021 03:18:26 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
etag: W/"4d5-AHth/01ZO8WPrLG6M8hWdPN+HUQ"
x-amzn-remapped-content-length: 1237
x-amzn-remapped-date: Wed, 26 May 2021 03:18:26 GMT
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: f6qgaHg2IAMFaAw=
content-length: 1237
x-amzn-requestid: fc1cd8f6-66a4-4367-92e9-8ef0bbb6798a
x-amzn-trace-id: Root=1-60adbe02-31060e716f9610002c86b7f6;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: 0olSCdyUgAxL1PBdOw-sfhNPQrY4sO7-dOmQmA7ywk68iCWVPH9gTQ==
x-amzn-remapped-connection: close

GET
H2 200 reactions-rank.json Show response
www.gazetadopovo.com.br/json/ 11 KB
4 KB 8ms
7ms XHR
application/json 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/reactions-rank.json?_=1621999101987
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b9ebe7d9691a4b523e4a64ce7c5093afbf8f669f5a0a17e69a1876f5170292e

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: GPSDK_SESID=us-east-1-08405360-bdd1-11eb-b84c-e1ea474c3e80; GPSDK_TKTID=us-east-1-08405360-bdd1-11eb-b84c-e1ea474c3e80; GPSDK_LOCCT=ZURICH; GPSDK_LOCCY=SWITZERLAND; GPSDK_LOCRG=ZURICH
:path: /json/reactions-rank.json?_=1621999101987
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:17:32 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 03:04:12 GMT
server: AmazonS3
age: 54
etag: W/"33797b0e8ef72d72bd52814cce53e019"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: application/json
x-amz-cf-id: YgzUyOOeErCRvBvsIuP87Czd-lKDITtahLKxU1rg9gidgCbrBt4n7Q==

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 164 KB
30 KB 36ms
15ms Script
application/javascript 2600:9000:214f:4600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/gazetadopovo-app-9aba1755c3352379e6e8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 374ca3e4b712102bcef27be2dcc34b5f4f1d5618c3da94b7f9f7295546224295

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:49:17 GMT
content-encoding: gzip
last-modified: Fri, 21 May 2021 19:53:32 GMT
server: marrakesh 1.16.6
age: 1748
etag: d1091babc81724b82145d4a36432d9c1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 30262
x-amz-cf-id: oQUEBXu9qNIy-sHBPoMt09jV-qVG3Y1GbmK4_WUSUCFjL1B2YXuCIw==
expires: Wed, 26 May 2021 03:49:17 GMT

GET
H2 200 bg-ads.png
assets.gazetadopovo.com.br/images/ 89 B
455 B 7ms
7ms Image
image/png 2600:9000:20eb:6a00:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/bg-ads.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-944202c964a7c450206d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6a00:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 06:18:05 GMT
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:04 GMT
server: AmazonS3
age: 9147621
etag: "53f9ae1eb3e782752565fa2c5d00ea37"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 89
x-amz-cf-id: a8iIyPgBGPE9fBmX_c2WCFgvoF-i9MkqFBCyxpxR1M7xjaGjJtBmhw==

GET
H2 200 escolha-do-editor.json Show response
www.gazetadopovo.com.br/json/ 50 KB
8 KB 12ms
12ms XHR
application/json 2600:9000:20eb:ec00:6:45ad:3580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gazetadopovo.com.br/json/escolha-do-editor.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ec00:6:45ad:3580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b9a5871523aef5d086116d82eabc5208b0813f52a601b312d6c28c90ef8eabe

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: GPSDK_SESID=us-east-1-08405360-bdd1-11eb-b84c-e1ea474c3e80; GPSDK_TKTID=us-east-1-08405360-bdd1-11eb-b84c-e1ea474c3e80; GPSDK_LOCCT=ZURICH; GPSDK_LOCCY=SWITZERLAND; GPSDK_LOCRG=ZURICH
:path: /json/escolha-do-editor.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.gazetadopovo.com.br
referer: https://www.gazetadopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.gazetadopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:17:32 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 01:39:37 GMT
server: AmazonS3
age: 54
etag: W/"4c70e617cbb91aa34442242c14b386fe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA2-C1
content-type: application/json
x-amz-cf-id: Rz00K03MxEnE8jpmcOstcqogV8xtd8eUC3d62cr0MPGShskFe90rWg==

POST
H2 200 / Show response
www.semprefamilia.com.br/cookie-exchanger/ 4 B
1 KB 331ms
297ms XHR
application/json 2600:9000:2057:6800:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6800:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:26 GMT
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront), 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Wed, 26 May 2021 03:18:26 GMT
x-amz-cf-pop: FRA50-C1, FRA6-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: f6qgYGmDIAMF1HA=
content-length: 4
x-amzn-requestid: 18018e3e-8c99-4d70-908f-f2b9873331b7
x-amzn-trace-id: Root=1-60adbe02-0f4316663c0b847c265ee15f;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: o82d8U7Wt79Bk-MBZcWeQo-oVLrDmgOWvSvq-1od1Rd641aZPD10gg==
x-amzn-remapped-connection: close

POST
H2 200 / Show response
www.umdoisesportes.com.br/cookie-exchanger/ 4 B
1 KB 146ms
119ms XHR
application/json 2600:9000:214f:4000:1d:7626:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.umdoisesportes.com.br/cookie-exchanger/
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4000:1d:7626:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:26 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront), 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
x-amzn-remapped-content-length: 4
x-amzn-remapped-date: Wed, 26 May 2021 03:18:26 GMT
x-amz-cf-pop: FRA50-C1, FRA53-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: f6qgWE7CIAMFuXA=
content-length: 4
x-amzn-requestid: 84e49b59-4012-440b-b268-98ad6d8c26cf
x-amzn-trace-id: Root=1-60adbe02-6f91f70520a0832d368dd2fb;Sampled=0
vary: Origin
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Host,Origin,X-CSRF-Token,x-xsrf-token,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-cf-id: 8JzAxxLW-nyWM6sMVr7dU42xBl11vETuo0PHdThitswY4kIHVlLA5w==
x-amzn-remapped-connection: close

GET
H2 200 img20210224222927666-960x540.jpg
media.gazetadopovo.com.br/2021/05/25190847/ 74 KB
75 KB 16ms
13ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25190847/img20210224222927666-960x540.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8c294c3ede2b083651be1c300ef0e9f596a9c92947eaa05189702689a028bd9

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 22:37:13 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 22:08:48 GMT
server: AmazonS3
age: 16873
etag: "48d21d2372da3968f97edeb4ec11ec3b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 76260
x-amz-cf-id: NZTNC8adPmGUtxnDO3oILKRsMUtNjOYRXtJjuXSjIXiO_HAPEbsLwQ==
expires: Wed, 25 May 2022 22:08:47 GMT

GET
H2 200 51191999001_1e136b4931_k-960x540.jpg
media.gazetadopovo.com.br/2021/05/20174913/ 94 KB
94 KB 15ms
12ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/20174913/51191999001_1e136b4931_k-960x540.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 558a1fea9e74e18bcee039e7931af0fbe5c7ee5f0079f57473387ace28f2203e

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 20:23:03 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 20 May 2021 20:49:14 GMT
server: AmazonS3
age: 24923
etag: "bf3e338cf53163b830a5483142d1a30c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 96065
x-amz-cf-id: 6qMNElN2lA1sbcKngNTFvMOR6DNBsA2E-IrMyEZGx9rhG3MXMEUhug==
expires: Fri, 20 May 2022 20:49:13 GMT

GET
H2 200 renancalheiros2-960x540.jpg
media.gazetadopovo.com.br/2021/05/13101139/ 52 KB
52 KB 21ms
18ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13101139/renancalheiros2-960x540.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b4b7adc3b64deeb044ce40860115fef78d63f2cb1a44725e118a107d3d05fd6

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 09:16:40 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 13:11:40 GMT
server: AmazonS3
age: 64906
etag: "9c33abd2199e488fc6fcdba33ce21d5d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 53067
x-amz-cf-id: K7cqUzwA8LcYRudRmSvud1wxnFsOOG3h-q03vC-Pk_-919IAsYU2zA==
expires: Fri, 13 May 2022 13:11:39 GMT

GET
H2 200 ccj-camara-crop-20210525181230-372x372.jpg
media.gazetadopovo.com.br/2021/05/25151507/ 33 KB
33 KB 35ms
33ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25151507/ccj-camara-crop-20210525181230-372x372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14fc1273c36f57b1d8020758c6ed16342ee58e0cd8ece66fc33a66f3285ef10b

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 20:14:41 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 18:15:09 GMT
server: AmazonS3
age: 25425
etag: "028e853a281b008dd56700644acd73df"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 33806
x-amz-cf-id: eGPldCdbTMYcficjlgA33VXSmuV8Iwn3UXfMhDJOYtmgR2Irac-LGQ==
expires: Wed, 25 May 2022 18:15:07 GMT

GET
H2 200 51066183361_f01ccc9bc1_k-540x540.jpg
media.gazetadopovo.com.br/2021/05/25200051/ 54 KB
55 KB 30ms
28ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25200051/51066183361_f01ccc9bc1_k-540x540.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cd43ff140066a60e4a6dfe283ed72ee83eea9deb619a5510e2696d515ec3d02

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 01:47:33 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 23:00:52 GMT
server: AmazonS3
age: 5453
etag: "e9866570fc93fec0c8b5cc820e1f2190"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 55710
x-amz-cf-id: C_LPu0vbxSnu90lXLkd0v2Hf_6HI_9W2g0eqd5GSBHF8iN6O_D06Qw==
expires: Wed, 25 May 2022 23:00:51 GMT

GET
H2 200 maria-da-penha-372x372.jpg
media.gazetadopovo.com.br/2021/05/25120752/ 54 KB
54 KB 25ms
24ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25120752/maria-da-penha-372x372.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d516bbb0b739b30b7e19a037c80eb8ac78f9152c2aeac8f94ff0e606382d486d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 01:47:33 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 15:07:54 GMT
server: AmazonS3
age: 5453
etag: "0efcc9a4b3a3026104b21ef592d83fee"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 55217
x-amz-cf-id: AlfR-QOaq45f0r5RfsZXi1QMxeSxV5jHp5pvgFU1YXZEROJC5a_3rQ==
expires: Wed, 25 May 2022 15:07:52 GMT

GET
H/1.1 200
OK geolocalizacao.php Show response
apps.gazetadopovo.com.br/geolocalizacao/ 146 B
725 B 1681ms
227ms XHR
application/json 18.229.193.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.gazetadopovo.com.br/geolocalizacao/geolocalizacao.php?inf=cidade
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.229.193.237 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-229-193-237.sa-east-1.compute.amazonaws.com
Software: Apache/2.4.10 (Amazon) PHP/5.4.37 / PHP/5.4.37
Resource Hash: 11035f64aa725b1fecd14c2574b1dc0137ac4f3736cf95d8e19ab80ca51d4e36

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 26 May 2021 03:18:56 GMT
Server: Apache/2.4.10 (Amazon) PHP/5.4.37
Connection: keep-alive
X-Powered-By: PHP/5.4.37
Content-Length: 146
Content-Type: application/json; charset=utf-8

GET
H2 200 51201636037_3aa7812555_b-214x214.jpg
media.gazetadopovo.com.br/2021/05/25210535/ 11 KB
11 KB 18ms
9ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25210535/51201636037_3aa7812555_b-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a8fd034c62f9ca3a2a61c65aee54bbbfb02b1001653119c21d6b1402126ea52

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 01:52:45 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Wed, 26 May 2021 00:05:37 GMT
server: AmazonS3
age: 5142
etag: "37ff6e9919c9d53d00562455c1833699"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 11227
x-amz-cf-id: LuznR5Zrr7MYP6SLqdSXdTklDTRySnjrTajZ_Jmv3fIGDLFuAUhh1g==
expires: Thu, 26 May 2022 00:05:35 GMT

GET
H2 200 coronavac-revacinacao-idosos-214x214.jpg
media.gazetadopovo.com.br/sites/2/2021/05/25175548/ 13 KB
13 KB 17ms
8ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/sites/2/2021/05/25175548/coronavac-revacinacao-idosos-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 174649bd3e4d2a66bc131e2800ce23c9223825f67004a6b2bc5039f6f6b43f44

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:21:15 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 20:55:50 GMT
server: AmazonS3
age: 21432
etag: "6cdfc3f2c22d878783edd8ddbca57c0a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 13056
x-amz-cf-id: 26BBdjB6Duzh6reQwUCLjrV9gjAJ0Yhr-in3RIr0wFIYRlZv4JIcrg==
expires: Wed, 25 May 2022 20:55:48 GMT

GET
H2 200 renancalheiros2-214x214.jpg
media.gazetadopovo.com.br/2021/05/13101139/ 9 KB
10 KB 16ms
8ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13101139/renancalheiros2-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30c7fd0b6c5f5b476ff5bee81febd11908103579fe6bef467d65c3c593062efc

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:25:29 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 13:11:41 GMT
server: AmazonS3
age: 3178
etag: "f30a9af9255553bd88c73ab93efd9548"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 9426
x-amz-cf-id: kiItp-KfCypjvJD2mglw5tX6Rtqc88oUfMX26L7qycybj55BFWx5Ww==
expires: Fri, 13 May 2022 13:11:39 GMT

GET
H2 200 51066183361_f01ccc9bc1_k-214x214.jpg
media.gazetadopovo.com.br/2021/05/25200051/ 12 KB
13 KB 17ms
8ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25200051/51066183361_f01ccc9bc1_k-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c08e7ce5d44324cb153d898ae9b1280deb97f608f42f3d43e1f05520f8330046

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:49:18 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 23:00:52 GMT
server: AmazonS3
age: 1749
etag: "bc3f6f5bca01836064da537add9733f3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 12439
x-amz-cf-id: ULbTbg_yQjnQrfCcTGc7AKRgIcqGb2FB9fahIdFg-aMPM1opDrxXhg==
expires: Wed, 25 May 2022 23:00:51 GMT

GET
H2 200 51191999001_1e136b4931_k-214x214.jpg
media.gazetadopovo.com.br/2021/05/20174913/ 17 KB
18 KB 18ms
10ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/20174913/51191999001_1e136b4931_k-214x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef65c8f34b2bd3c46ee745a69e0bf90744d3499a23e3e3849eb138b62f81f99c

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:03:16 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 20 May 2021 20:49:15 GMT
server: AmazonS3
age: 22511
etag: "d7ad9040eef720e7bb9ed385ac56e796"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 17537
x-amz-cf-id: aCHGntZwdDB4fxi72Gd5VlHSXZcF8TkRbgTcyCMnQb-2kgN8TjRPsw==
expires: Fri, 20 May 2022 20:49:13 GMT

GET
H2 200 randolfe-rodrigues-omar-aziz-foto-agencia-senado-380x214.jpeg
media.gazetadopovo.com.br/2021/05/02152905/ 19 KB
20 KB 31ms
11ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/02152905/randolfe-rodrigues-omar-aziz-foto-agencia-senado-380x214.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38150ba7f64608a7c340ac60b7937e541f8ea24e4dddb87d50015223e47ddc16

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 01:00:20 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Sun, 02 May 2021 18:29:06 GMT
server: AmazonS3
age: 94687
etag: "d2221e51317984d8746401da39217490"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 19616
x-amz-cf-id: 2ePAfh8GnPpEcMB01F3CDuM711_JUxx7b1h9g8WwW9mNYKOm_4aQVA==
expires: Mon, 02 May 2022 18:29:05 GMT

GET
H2 200 cq5dam.thumbnail.cropped.1500.844-380x214.jpeg
media.gazetadopovo.com.br/2021/05/24183354/ 22 KB
23 KB 31ms
11ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/24183354/cq5dam.thumbnail.cropped.1500.844-380x214.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab720a0d7cb0410647be54a7b5b6397479d57a94a78358bcab0b0151db693b62

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:46:47 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 21:33:55 GMT
server: AmazonS3
age: 106300
etag: "17ba492f271e5700dc5656f0e3d128ab"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 23008
x-amz-cf-id: c5LtxYSOE6Ik1uxTNetvxUm7dhobELHYpytTOtgQLJtfssuO4ABLuA==
expires: Tue, 24 May 2022 21:33:54 GMT

GET
H2 200 51198169536_5767e27239_k-380x214.jpg
media.gazetadopovo.com.br/2021/05/24215610/ 38 KB
39 KB 44ms
24ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/24215610/51198169536_5767e27239_k-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfc6e59a65fb7a748ab735720994ccee9951dd6b478ec36f38043ea546a8c37c

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:41:15 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 00:56:12 GMT
server: AmazonS3
age: 88632
etag: "88c816653c91d6da9ed84cf3130fad86"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 39396
x-amz-cf-id: CjcvXt66hyUqRJpQ-IuKXyhwUszqxbvj69Yvg6XWqb6QiMFcKVCFZg==
expires: Wed, 25 May 2022 00:56:10 GMT

GET
H2 200 pedroduran-380x214.jpeg
media.gazetadopovo.com.br/2021/05/24141356/ 16 KB
17 KB 31ms
12ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/24141356/pedroduran-380x214.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73a0bfea558b464f9832e5066d26908b35ae4da8de1fb9eb5431c7d047a25680

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 17:31:38 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 17:13:57 GMT
server: AmazonS3
age: 121609
etag: "ebe77d89a39555457fd5694d0a94736f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 16758
x-amz-cf-id: RgfbnCVdQXGpy7C3CAor_7H_o4kGdaK5x6grT1OvvUqk3-UBZOX8yA==
expires: Tue, 24 May 2022 17:13:56 GMT

GET
H2 200 aracy-crop-20210524193050-380x214.jpg
media.gazetadopovo.com.br/2021/05/24163106/ 73 KB
74 KB 51ms
32ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/24163106/aracy-crop-20210524193050-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89bf2cb6713f044775261681cf1080ebacd1f287f92c61dc1fa1cfb37211d175

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 01:03:29 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 19:31:07 GMT
server: AmazonS3
age: 94498
etag: "94ec8f8e6c78148527d67a1f6ce25cfd"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 74812
x-amz-cf-id: WvDkihQQJTVSHFuysbPVYDVaJurSXXXZmbIos4_uxK-xD5tQPFqqbA==
expires: Tue, 24 May 2022 19:31:06 GMT

GET
H2 200 51198315156_f3aa701094_o-380x214.jpg
media.gazetadopovo.com.br/2021/05/25145259/ 50 KB
50 KB 74ms
55ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25145259/51198315156_f3aa701094_o-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d59be5e1977f4c4e71c09be994504798af0a6231392df8af241cf72a185bc92

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 18:09:40 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 17:53:00 GMT
server: AmazonS3
age: 32927
etag: "accaab2fbc06e4eae97058a4f125cb87"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 50785
x-amz-cf-id: 2PqjJWo7RPfqCAdL1VAZwFk1Lg4Jqdtg2paUDV9PnOWr-ujQKWZ7Eg==
expires: Wed, 25 May 2022 17:52:59 GMT

GET
H2 200 manifesta%C3%A7%C3%A3o-380x214.jpg
media.gazetadopovo.com.br/2021/05/17103511/ 25 KB
25 KB 63ms
8ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/17103511/manifesta%C3%A7%C3%A3o-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcfa2c5bb3eedb637c6eaba7508f749869a69ccbd72e33885e07b37f1c88bc90

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 05:03:55 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Mon, 17 May 2021 13:35:12 GMT
server: AmazonS3
age: 252872
etag: "99e708a77119d3a82ff35c2807d11ea8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 25314
x-amz-cf-id: h6vL4UOw0Swao2uij-5VU5j4L049dPqlIWb-dA6DhwlXBnb5LAtS8g==
expires: Tue, 17 May 2022 13:35:11 GMT

GET
H2 200 s11d1-1-380x214.jpg
media.gazetadopovo.com.br/2021/05/24101915/ 20 KB
21 KB 45ms
10ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/24101915/s11d1-1-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1d464e893bf9a1014dd85f3cabae0091fc87a4daca2c8908f28c46d1573956d

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:28:34 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 13:19:16 GMT
server: AmazonS3
age: 103793
etag: "12ee83defd988216e79f9c6d623f7fd8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 20821
x-amz-cf-id: FtAzg1KDKHU7gTc7FRIvtuCSvuu9UCtxo7CykXcymLmQTvNwos6aHQ==
expires: Tue, 24 May 2022 13:19:15 GMT

GET
H2 200 chaverim-arizona-tucson-380x214.jpg
media.gazetadopovo.com.br/2021/05/24205022/ 23 KB
23 KB 44ms
9ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/24205022/chaverim-arizona-tucson-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c82694334f81e3edf533351e75b3b804e313b94e4b52b87148d3f7c6f2f2138

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 00:55:43 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 23:50:23 GMT
server: AmazonS3
age: 94964
etag: "0396a9765b0893e4ab08e98a7125c7c2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 23288
x-amz-cf-id: dm091Oa7lYYUYIGrWi6oUJ5WqD48joELxQEr6PYy8WMxBi6WnhaxqQ==
expires: Tue, 24 May 2022 23:50:22 GMT

GET
H2 200 policia-franca-bataclan-paris-380x214.jpg
media.gazetadopovo.com.br/2021/05/24144140/ 31 KB
31 KB 25ms
7ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/24144140/policia-franca-bataclan-paris-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbfec1092cec5896dd0445cdbc88bc6e0b4bea79f525b2995af2a1ba015a44db

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 18:55:09 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 17:41:41 GMT
server: AmazonS3
age: 116598
etag: "edc38830ed7b3c04be242d50550d01c9"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 31645
x-amz-cf-id: nIDUzOe2Dx4dt1efcVzYmuLoZx9gQGvRVGZ9kr-SXXkSa_Zl5YmEOQ==
expires: Tue, 24 May 2022 17:41:40 GMT

GET
H2 200 aen-380x214.jpg
media.gazetadopovo.com.br/2021/05/13155103/ 44 KB
44 KB 15ms
8ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/13155103/aen-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 322431353dc0ef02ed271dbfe5cf92b93ee792a76a172d3266d7f22fad7a9f33

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 17:51:33 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 18:51:05 GMT
server: AmazonS3
age: 34014
etag: "34147211dcf5d73bb63ae1a0608d3707"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 45059
x-amz-cf-id: Z1seozOcdQWEyv8uo3A6V5Y3d3HF_W7IJTHLzUlUzKVM2rompY6J9A==
expires: Fri, 13 May 2022 18:51:03 GMT

GET
H2 200 rocco_morabito-380x214.jpeg
media.gazetadopovo.com.br/2021/05/25151852/ 11 KB
11 KB 35ms
31ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25151852/rocco_morabito-380x214.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30f37a07aaf3b0abb069950606681a50821e3f3ea7ff40707267aa735ed73608

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:35:09 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 18:23:46 GMT
server: AmazonS3
age: 20598
etag: "b64d34fe0d6bd5756ebc08faf3f34305"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 11369
x-amz-cf-id: -RpSKkzAMrgx0XZG3Y6znBIKl6iC3JQRXXBXg8ZR8sUv0B8qLDBS1A==
expires: Wed, 25 May 2022 18:23:45 GMT

GET
H2 200 pazuello-bolsonaro-alan-santos-pr-380x214.jpg
media.gazetadopovo.com.br/2021/05/23190958/ 24 KB
24 KB 79ms
31ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/23190958/pazuello-bolsonaro-alan-santos-pr-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a2e2e4f88878c05ef463edeed7a911fd7606eab15e870620705bb223fdd47bd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 23:06:59 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Sun, 23 May 2021 22:09:59 GMT
server: AmazonS3
age: 187888
etag: "c26e09db73170cebfc487bb66302696d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 24310
x-amz-cf-id: WPDmMl5W8D4zs4ANn5sTV6D9jqQik0jp5erHgWPgJgX7zPZsrDe1wA==
expires: Mon, 23 May 2022 22:09:58 GMT

GET
H2 200 mayra-pinheiro-foto-agencia-senado-2-380x214.jpeg
media.gazetadopovo.com.br/2021/05/25113152/ 16 KB
16 KB 69ms
28ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25113152/mayra-pinheiro-foto-agencia-senado-2-380x214.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f0f57b973434dab7b055633862ae56f4da7624e1e1e59491e9eb4d4c0559686

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 15:39:12 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 14:31:53 GMT
server: AmazonS3
age: 41955
etag: "39107f4777077ee2505c5057c5f01c01"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 15949
x-amz-cf-id: 3XOgjmgVAcL-u6Z65zVf2qRUn25ZZKL3590-iAsXH78PmV9Uhf9UZA==
expires: Wed, 25 May 2022 14:31:52 GMT

GET
H2 200 Spotify-5-1-380x214.png
media.gazetadopovo.com.br/2021/05/25160856/ 79 KB
79 KB 69ms
28ms Image
image/png 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25160856/Spotify-5-1-380x214.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aeb1eafffa5088380d9eee07e9d57a123f3b12704079349bbb281f7e7d7b426c

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 21:34:57 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 19:08:57 GMT
server: AmazonS3
age: 20610
etag: "bf351bc2a0789919a4faa2e858ba0105"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 80845
x-amz-cf-id: VwCpoiwyymJu_-QU98-EHhiOPkhf96NS8hoyW5a2Yg8Ofn9dju9UkA==
expires: Wed, 25 May 2022 19:08:56 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v22/ 19 KB
19 KB 47ms
5ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i|Overpass:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afba6e308182b28f02233e3c816e99fe5cc51511f90cab2cc6219d652f14f3a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gazetadopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 08:45:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:07:15 GMT
server: sffe
age: 326004
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19152
x-xss-protection: 0
expires: Sun, 22 May 2022 08:45:02 GMT

GET
H2 200 ccj-camara-crop-20210525181230-380x214.jpg
media.gazetadopovo.com.br/2021/05/25151507/ 22 KB
22 KB 59ms
12ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/25151507/ccj-camara-crop-20210525181230-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30ceef5aa4821520534d6639ed22bdc8584a3d636698592388419a71d2a318c0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 18:41:19 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 18:15:09 GMT
server: AmazonS3
age: 31028
etag: "e309e6192ccb07ed4b021dea0b795a3b"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 22599
x-amz-cf-id: uI2Zl8_VWhfLP4qr1lz88wGYcQzNq4PkDwU6PQXPirkAKckOCcrY9g==
expires: Wed, 25 May 2022 18:15:07 GMT

GET
H2 200 shopping-palladium-crop-20210519171716-380x214.jpg
media.gazetadopovo.com.br/2021/05/19141952/ 118 KB
118 KB 58ms
13ms Image
image/jpeg 2600:9000:20eb:5800:1f:3000:7b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gazetadopovo.com.br/2021/05/19141952/shopping-palladium-crop-20210519171716-380x214.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8347e4fd427970816753600e799b730ea4e0e9eaaf0f296a4489986613ffc3e0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 20:23:20 GMT
via: 1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
last-modified: Wed, 19 May 2021 17:19:53 GMT
server: AmazonS3
age: 111307
etag: "1f4d469bda4e27a0c5eed942b2ed33c1"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 120677
x-amz-cf-id: Fz49J_8JOW6nEJBGdI4y7Kck97KH0bAuDI2TXst9aiNcmtD-_OOgGQ==
expires: Thu, 19 May 2022 17:19:52 GMT

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame E8F2 197 B
689 B 51ms
8ms Document
text/html 2600:9000:206f:e00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /mercurio.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 173
server: marrakesh 1.16.6
last-modified: Tue, 05 Jan 2021 19:37:57 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Wed, 26 May 2021 03:17:32 GMT
expires: Wed, 26 May 2021 03:24:07 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: ba5203ce522cc70a434e9a70452ca145
x-cache: Hit from cloudfront
via: 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: DaPIUwe2kgYHHD2O374afBO58fSaUiQ3mDl4Nt4tL2uBMzwOW2YAew==
age: 260

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 133ms
29ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

11ecf8068fb3bee4aac8ed0341f3726565a2978471042e88709b55813ba1fa95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "883 / 787 of 1000 / last-modified: 1621980706"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21368
x-xss-protection: 0
expires: Wed, 26 May 2021 03:18:27 GMT

GET
H2 200 / Show response
t.dynad.net/script/ 115 KB
31 KB 1392ms
391ms Script
text/javascript 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE10 / DynAd.net
Resource Hash: ce2515141162cbee9958063597c1ca92cf13a2fd6a1f4c98284a6e2a3122f4a5

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:28 GMT
content-encoding: gzip
server: D3-FE10
x-powered-by: DynAd.net
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.529 Power Stroke
cache-control: max-age=0
content-type: text/javascript;charset=ISO-8859-1
expires: Wed, 26 May 2021 03:18:28 GMT

GET
H2 200 profiles.js Show response
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
6 KB 19ms
17ms Script
application/javascript 2600:9000:214f:4600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:39:49 GMT
content-encoding: gzip
last-modified: Sun, 17 Jan 2021 16:36:32 GMT
server: marrakesh 1.16.6
age: 2318
etag: ecbae16720fa9548b931f719328b1c88
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 5277
x-amz-cf-id: rSQaYmm-VROpaDs41hJ_2gzNXk8A_RiTTwdqKvAGy5e-KJooBrfDRg==
expires: Wed, 26 May 2021 03:39:49 GMT

GET
H2 200 CT-10.js Show response
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 129 KB
17 KB 20ms
18ms Script
application/javascript 2600:9000:214f:4600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 8e4eefbc5f49b129c593c905a9ed2330f65f1cdeb2aa4aff8bb15a82a67533ff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:39:49 GMT
content-encoding: gzip
last-modified: Fri, 21 May 2021 21:08:15 GMT
server: marrakesh 1.16.6
age: 2317
etag: 503e3431c74ef2b32ecea218718145a8
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 17266
x-amz-cf-id: VNMq9EwG2mknVIn6lzZ7odB6CDif-TVVvgmnOWVNdu9geCnsftABcQ==
expires: Wed, 26 May 2021 03:39:49 GMT

GET
H2 200 gazetadopovo.js Show response
me.jsuol.com.br/aud/ 15 KB
6 KB 594ms
201ms Script
application/javascript 2804:49c:4208:405:ffff:ffff:ffff:3
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/gazetadopovo.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:4208:405:ffff:ffff:ffff:3 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:27 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 17:09:40 GMT
server: marrakesh 1.16.6
etag: 3259e7f0de5880d1a62dfaa532afdb24
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
content-length: 6355
expires: Wed, 26 May 2021 04:18:27 GMT

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ 6 KB
3 KB 17ms
17ms Script
application/javascript 2600:9000:214f:4600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmvzt6?v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 187724f70ee4b0489797a1e57b7851448eb8f44705ae4e27f1877aee681b3294

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:39:50 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 20:02:02 GMT
server: marrakesh 1.16.6
age: 2317
etag: 3f49e0c04db03daf3e6521b90eda5f55
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 2098
x-amz-cf-id: MCE3khZwR1nIvfUl-dOdz_1LjS-cImxaUfPlyIub_HdiGCw7qAy_5A==
expires: Wed, 26 May 2021 03:39:50 GMT

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ 0
546 B 595ms
198ms Script
application/javascript 2804:49c:3104:401:ffff:ffff:ffff:34
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3104:401:ffff:ffff:ffff:34 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 03:18:27 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Cache-Control: no-cache
Connection: close
Content-Type: application/javascript;charset=utf-8
Expires: Wed, 26 May 2021 03:18:26 GMT

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame CEE3 213 B
700 B 44ms
8ms Document
text/html 2600:9000:206f:e00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Tue, 05 Jan 2021 17:11:31 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Wed, 26 May 2021 03:17:32 GMT
expires: Wed, 26 May 2021 03:24:07 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 1Q3fTAxbUsNLufGN7Lq_ghvUWILtNnMY59mMU18f3rDOC-_80KlBbw==
age: 260

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame 3D95 213 B
700 B 36ms
9ms Document
text/html 2600:9000:206f:e00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

:method: GET
:authority: tm.uol.com.br
:scheme: https
:path: /purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 182
server: marrakesh 1.16.6
last-modified: Sun, 17 Jan 2021 17:14:18 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Wed, 26 May 2021 03:17:32 GMT
expires: Wed, 26 May 2021 03:24:07 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: 8b30191927f0982283d45c76292da712
x-cache: Hit from cloudfront
via: 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: jglDOWczvvgEe9yhV-ktQvnLy9ZratGEn3htCpG0l4IBSk46eAVKZA==
age: 260

GET
H2 200 minha-visao-sobre-espetaculo-doutora-mayra-na-cpi.json Show response
json.gazetadopovo.com.br/vozes/alexandre-garcia/ 73 KB
10 KB 8ms
8ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/vozes/alexandre-garcia/minha-visao-sobre-espetaculo-doutora-mayra-na-cpi.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ba5402cef6043213cfd852fc83fce90ca577f637e2063af1c37f61953366995

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"39ae4c525083588f2b8c99e615cc900f"
age: 56
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 26 May 2021 00:34:19 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: KsgRlTxccDCDd-hciW2fUdqGjKYegBk0MTU_m-lxjqczt4j7-xFY7A==

GET
H2 200 sera-preciso-revacinar-idosos-que-tomaram-coronavac.json Show response
www.semprefamilia.com.br/json/saude/ 23 KB
24 KB 429ms
429ms XHR
application/json 2600:9000:2057:6800:13:9bf5:7100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semprefamilia.com.br/json/saude/sera-preciso-revacinar-idosos-que-tomaram-coronavac.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6800:13:9bf5:7100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52696f26e772fcaf37a7d2b55dc13c2384941011a23815bbcef63800291c6954

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
etag: "b9e16c8db0d141f752ea8ea2e7ebb3f8"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
content-length: 23678
last-modified: Tue, 25 May 2021 21:24:48 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:28 GMT
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: pFT7xsGzdTnCMRUgDnzMU1sP1bkGxCnIlkItpS4qgHkvST30YYhMzw==

GET
H2 200 a-memoria-do-holocausto-banalizada-fala-de-renan-calheiros-na-cpi-esta-fora-de-lugar.json Show response
json.gazetadopovo.com.br/ideias/ 23 KB
7 KB 8ms
8ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/ideias/a-memoria-do-holocausto-banalizada-fala-de-renan-calheiros-na-cpi-esta-fora-de-lugar.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 636bbb70e17146ed0d40f1a37db24450d472e593f3193da75412ed89e849b6c8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"ff3af265fd58b591b88ef178533abaa7"
age: 56
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 21:08:21 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: zUkmJ4PMpJH5r_aK9iTkC0H0LtBO9vpZK1bnj_Bsho3ysrZPe0frQQ==

GET
H2 200 equipe-de-trump-alertou-governo-biden-sobre-iminente-crise-migratoria-na-fronteira.json Show response
json.gazetadopovo.com.br/mundo/ 33 KB
8 KB 8ms
7ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/mundo/equipe-de-trump-alertou-governo-biden-sobre-iminente-crise-migratoria-na-fronteira.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b959f68d67a202a0bd97233ffbee66a646a248bb58a3e2c5983c8f3d2f98c71c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"f86227bd7cf962dc6aa74452f98f1dc7"
age: 56
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 23:12:16 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:17:32 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: B4QoQuOJemok6tRyOJZKQkxO-oHg1CrFUwQzM_mI7VXONYpurAIb1A==

GET
H2 200 como-lula-pode-influenciar-bolsonaro-na-escolha-de-novo-partido.json Show response
json.gazetadopovo.com.br/republica/ 31 KB
8 KB 8ms
7ms XHR
application/json 2600:9000:206f:ca00:8:7f48:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://json.gazetadopovo.com.br/republica/como-lula-pode-influenciar-bolsonaro-na-escolha-de-novo-partido.json
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:8:7f48:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fccfc2adbaf4c09789fb82e050b803ee7916a51dc80dac2d3b61b105d8c2a40e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"8ad645e8979153d1259da5411b4405c9"
age: 56
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 20:25:44 GMT
server: AmazonS3
date: Wed, 26 May 2021 03:18:25 GMT
vary: Origin
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
content-type: application/json
via: 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront)
access-control-expose-headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2, ETag
cache-control: max-age=0
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 1y8goqafHwxWqcI5e9cKUzniFSA4zEsOFv3aliZUHehgL21B5SuquA==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=682766645&gjid=548315873&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1981681475.1621999108&_r=1&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=%E2%80%9CMulta%20tem%20que%20ser%20avaliada%20pelo%20povo%E2%80%9D%2C%20diz%20Paes%20sobre%20puni%C3%A7%C3%A3o%20a%20Bolsonaro&il1pi1id=2a168250-bdc4-11eb-9f34-4d9b98cb95a7&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=1&z=572194416

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 16ms
15ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=1919223576&gjid=1776987018&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&_r=1&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=TSE%20autoriza%20quebra%20de%20sigilo%20contra%20chapa%20Bolsonaro-Mour%C3%A3o%20por%20ataque%20hacker&il1pi1id=46c41180-bd9a-11eb-aa35-f79423ec32ff&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=9&z=1208512033

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
9ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1981681475.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Senado%20aprova%20PL%20do%20Primeiro%20Emprego%20e%20texto%20segue%20para%20a%20C%C3%A2mara&il1pi1id=68080a60-bdc0-11eb-b3c3-db9afbf14367&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=2&z=741900826

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61331
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
9ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1981681475.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=TSE%20autoriza%20Tabata%20Amaral%20a%20se%20desfiliar%20do%20PDT%20sem%20perder%20o%20mandato&il1pi1id=542dc120-bdbf-11eb-b3c3-db9afbf14367&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=3&z=151337402

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61331
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
9ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1981681475.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=saiba%20agora&il1pi1nm=Fundador%20da%20Marfrig%20%C3%A9%20acusado%20de%20se%20beneficiar%20com%20informa%C3%A7%C3%B5es%20privilegiadas%20na%20...&il1pi1id=56c02570-bdb7-11eb-b3c3-db9afbf14367&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=4&z=500515501

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61331
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
9ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1981681475.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=breaking-news&il1pi1nm=Privatiza%C3%A7%C3%A3o%20da%20Eletrobras%20promete%20energia%20mais%20barata%2C%20mas%20resultado%20pode%20ser%20inverso&il1pi1id=31c8a960-bdb0-11eb-af7a-d7af4fcd18b1&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=economia&il1pi1ps=5&z=395117497

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61331
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 88ms
21ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1981681475.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Relator%20da%20PEC%20do%20Voto%20Impresso%20Audit%C3%A1vel%20quer%20votar%20proposta%20em%20julho&il1pi1id=f2414770-bda5-11eb-b111-53bb9305488d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=6&z=2146817294

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 92ms
20ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1981681475.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Pacheco%20diz%20ter%20%E2%80%9Ctotal%20confian%C3%A7a%E2%80%9D%20nas%20elei%C3%A7%C3%B5es%2C%20mas%20aceita%20debate%20sobre%20voto%20impresso&il1pi1id=5cace0b0-bda1-11eb-b111-53bb9305488d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=7&z=510438230

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 101ms
17ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1981681475.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Como%20Lula%20pode%20influenciar%20Bolsonaro%20na%20escolha%20de%20seu%20novo%20partido&il1pi1id=ada7c710-bd96-11eb-aede-1bdb6e664582&il1pi1pr=0.00&il1pi1br=2022&il1pi1ca=republica&il1pi1ps=8&z=684760301

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 101ms
18ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=A%20mem%C3%B3ria%20do%20Holocausto%20banalizada%3A%20fala%20de%20Renan%20Calheiros%20na%20CPI%20est%C3%A1%20fora%20de%20lugar&il1pi1id=493dbcb0-bd9d-11eb-aa35-f79423ec32ff&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=10&z=356820931

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 100ms
18ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=A%20reforma%20administrativa%20avan%C3%A7a%2C%20e%20a%20tribut%C3%A1ria%20escancara%20diverg%C3%AAncias&il1pi1id=60975060-bd98-11eb-aede-1bdb6e664582&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=editoriais&il1pi1ps=11&z=172288775

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 100ms
19ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Senado%20aprova%20PL%20do%20Primeiro%20Emprego%20e%20texto%20segue%20para%20a%20C%C3%A2mara&il1pi1id=68080a60-bdc0-11eb-b3c3-db9afbf14367&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=12&z=1001585603

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 100ms
19ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Equipe%20de%20Trump%20alertou%20governo%20Biden%20sobre%20iminente%20crise%20migrat%C3%B3ria%20na%20fronteira&il1pi1id=e190d7d0-bdad-11eb-a572-814ef8bc1c0e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=13&z=1061494451

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 129ms
41ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Mudan%C3%A7a%20de%20Vara%20e%20ju%C3%ADzes%20sobrecarregados%3A%20projeto%20do%20Senado%20pode%20enfraquecer%20Lei%20Maria%20da%20Penha&il1pi1id=8d691520-bdb0-11eb-af7a-d7af4fcd18b1&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=vida-e-cidadania&il1pi1ps=14&z=724754862

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 128ms
41ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=A%20minha%20vis%C3%A3o%20sobre%20o%20espet%C3%A1culo%20da%20doutora%20Mayra%20na%20CPI&il1pi1id=f5ad5930-bdb9-11eb-b3c3-db9afbf14367&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=alexandre-garcia&il1pi1ps=15&z=2015951832

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 129ms
42ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Para%20que%20serve%20uma%20CPI&il1pi1id=96114b10-bd93-11eb-aede-1bdb6e664582&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=thamea-danelon&il1pi1ps=16&z=94991552

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 129ms
42ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Biden%2C%20Israel%20e%20o%20novo%20warlord&il1pi1id=43bbb7b0-bd93-11eb-aede-1bdb6e664582&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=daniel-lopez&il1pi1ps=17&z=922965576

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 130ms
43ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=%C3%89%20certo%20negar%20uma%20ado%C3%A7%C3%A3o%20a%20uma%20l%C3%A9sbica%3F%20E%20a%20quem%20n%C3%A3o%20acredita%20em%20homossexualidade%3F&il1pi1id=998533c0-bda1-11eb-b111-53bb9305488d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=madeleine-lacsko&il1pi1ps=18&z=748702506

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 129ms
43ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Friends%20pode%20at%C3%A9%20ser%20ruim.%20Mas%20foi%20mais%20importante%20do%20que%20nos%20damos%20conta&il1pi1id=0bb005b0-bd84-11eb-83f2-03ff0a62dc44&il1pi1pr=0.00&il1pi1br=ideias&il1pi1ca=polzonoff&il1pi1ps=19&z=931268731

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 131ms
45ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=post&il1pi1nm=Renan%20Calheiros%20tra%C3%A7a%20paralelo%20da%20gest%C3%A3o%20federal%20na%20pandemia%20com%20o%20nazismo&il1pi1id=24cc8210-bd5e-11eb-a900-d98968f583e5&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=rodrigo-constantino&il1pi1ps=20&z=541324353

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 131ms
45ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=CCJ%20da%20C%C3%A2mara%20aprova%20PEC%20da%20reforma%20administrativa%3B%20texto%20segue%20para%20comiss%C3%A3o%20especial&il1pi1id=57caca60-bd85-11eb-83f2-03ff0a62dc44&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=21&z=871598790

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 131ms
46ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Dois%20motivos%20para%20a%20alta%20nas%20commodities.%20E%20dois%20efeitos%20no%20Brasil%3A%20um%20bom%20e%20um%20ruim&il1pi1id=0bce0ee0-bcdd-11eb-9a05-37ab4362823f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=22&z=112677421

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 132ms
45ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Ataques%20antissemitas%20aumentam%20nos%20EUA%20e%20chamam%20a%20aten%C3%A7%C3%A3o%20da%20Casa%20Branca&il1pi1id=60d96b10-bceb-11eb-addd-df3b09f81e7d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=23&z=654278027

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 132ms
45ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Sul%20deve%20passar%20Nordeste%20e%20retomar%202.%C2%BA%20lugar%20no%20consumo%20nacional%20ap%C3%B3s%2013%20anos&il1pi1id=97ddb570-bcc9-11eb-adb8-f5b0de1dec40&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=24&z=627950912

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 133ms
46ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Ser%C3%A1%20preciso%20revacinar%20os%20idosos%20que%20tomaram%20a%20Coronavac%3F%20Especialistas%20explicam&il1pi1id=2c85b4c0-bd9c-11eb-aa35-f79423ec32ff&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=saude&il1pi1ps=25&z=71770255

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 135ms
47ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Sociedade%20de%20Virologia%20confirma%20nova%20variante%20do%20coronav%C3%ADrus%20no%20interior%20de%20SP&il1pi1id=3f055030-bdc2-11eb-b3c3-db9afbf14367&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=26&z=1477853796

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 135ms
48ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Portu%C3%A1rios%20e%20aerovi%C3%A1rios%20s%C3%A3o%20inclu%C3%ADdos%20nos%20grupos%20priorit%C3%A1rios%20de%20vacina%C3%A7%C3%A3o&il1pi1id=020e2db0-bdc6-11eb-9f34-4d9b98cb95a7&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=27&z=31640457

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 135ms
48ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Guedes%3A%20%E2%80%98gringos%E2%80%99%20entrar%C3%A3o%20com%20d%C3%B3lar%20a%20R%24%205%2C50%20e%20poder%C3%A3o%20sair%20com%20moeda%20a%20R%24%203&il1pi1id=b506e920-bda3-11eb-abdb-ed9be672da19&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=28&z=354839771

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 135ms
49ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Guedes%20v%C3%AA%20potencial%20de%20cria%C3%A7%C3%A3o%20%E2%80%9Cimediata%E2%80%9D%20de%202%20milh%C3%B5es%20de%20empregos%20com%20BIP&il1pi1id=a1b00e70-bda7-11eb-9610-5f2e4568e910&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=29&z=1630367991

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 136ms
49ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Mayra%20diz%20que%20cloroquina%20n%C3%A3o%20cura%20Covid-19%2C%20mas%20pede%20fim%20de%20%E2%80%9Cideologia%E2%80%9D%20contra%20tratamento&il1pi1id=832207a0-bd9e-11eb-b111-53bb9305488d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=30&z=454113024

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 136ms
49ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Ap%C3%B3s%20tr%C3%A9gua%20em%20Gaza%2C%20EUA%20acenam%20a%20palestinos%20e%20abandonam%20posi%C3%A7%C3%B5es%20de%20Trump&il1pi1id=d912b9c0-bdb7-11eb-b3c3-db9afbf14367&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=31&z=952682707

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 138ms
22ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Bispo%20de%20Xinjiang%20e%2010%20padres%20foram%20presos%20pelo%20regime%20chin%C3%AAs%2C%20denunciam%20sites%20crist%C3%A3os&il1pi1id=be17ea70-bd6f-11eb-9b9b-cfd55f0cce56&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=32&z=1890426980

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 139ms
23ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Una-se%20ao%20movimento%20anticorrup%C3%A7%C3%A3o%20e%20n%C3%A3o%20deixe%20essa%20bandeira%20ser%20esquecida&il1pi1id=cea109ba-e58b-48c0-8b80-4197022161c2&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=33&z=1523452861

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 137ms
23ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=N%C3%BAmeros%20da%20Covid-19%3A%20acompanhe%20o%20avan%C3%A7o%20da%20doen%C3%A7a%20no%20Brasil%20e%20no%20mundo&il1pi1id=b92fa6f1-e32b-4096-be30-99217fe7a2f2&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=34&z=438228760

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 138ms
24ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Paran%C3%A1%20bate%20recorde%20de%20pessoas%20internadas%20com%20sintomas%20da%20Covid-19&il1pi1id=563aa920-bdb4-11eb-b3c3-db9afbf14367&il1pi1pr=0.00&il1pi1br=curitiba&il1pi1ca=parana&il1pi1ps=35&z=1233638463

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 140ms
26ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Paran%C3%A1%20admite%20mais%20de%20100%20casos%20de%20aplica%C3%A7%C3%A3o%20trocada%20de%20vacinas%20da%20Covid-19&il1pi1id=fa19f430-bd8f-11eb-9b7f-f7d3040791d7&il1pi1pr=0.00&il1pi1br=curitiba&il1pi1ca=parana&il1pi1ps=36&z=788710401

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 140ms
27ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Paran%C3%A1%20suspende%20cirurgias%20eletivas%20em%20hospitais%20p%C3%BAblicos%20e%20privados%20por%20um%20m%C3%AAs&il1pi1id=8722f470-bdb4-11eb-b3c3-db9afbf14367&il1pi1pr=0.00&il1pi1br=curitiba&il1pi1ca=parana&il1pi1ps=37&z=1360701133

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 141ms
27ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Pandemia%3A%20Curitiba%20prorroga%20bandeira%20laranja%20at%C3%A9%20sexta-feira&il1pi1id=62c4c570-bd9d-11eb-aa35-f79423ec32ff&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=curitiba&il1pi1ps=38&z=1045160744

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 141ms
28ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Em%20novo%20decreto%2C%20Paran%C3%A1%20aumenta%20toque%20de%20recolher%20e%20reduz%20hor%C3%A1rio%20de%20supermercados&il1pi1id=93bedc50-bda3-11eb-abdb-ed9be672da19&il1pi1pr=0.00&il1pi1br=curitiba&il1pi1ca=parana&il1pi1ps=39&z=1240230728

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 140ms
28ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Delivery%20at%C3%A9%2021h%20e%20mercados%20fechados%20foram%20resposta%20a%20apelo%20de%20prontos-socorros%20de%20Curitiba&il1pi1id=66a44b90-bd87-11eb-aa3a-313540f7f620&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=curitiba&il1pi1ps=40&z=938747126

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 140ms
29ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Paran%C3%A1%20arrecadou%20R%24%201%2C2%20bilh%C3%A3o%20a%20mais%20do%20que%20previa%2C%20mas%20estima%20d%C3%A9ficit%20no%20fim%20do%20ano&il1pi1id=fe78cd90-bda7-11eb-9610-5f2e4568e910&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=roger-pereira&il1pi1ps=41&z=1729428391

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 141ms
30ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Curitiba%20vacina%20pessoas%20com%20defici%C3%AAncia%20de%2040%20anos%20ou%20mais&il1pi1id=d4a0c200-bda9-11eb-9610-5f2e4568e910&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=curitiba&il1pi1ps=42&z=875573159

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 141ms
31ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=relacionadas&il1pi1nm=Sem%20novas%20doses%2C%20Curitiba%20mant%C3%A9m%20vacina%C3%A7%C3%A3o%20nesta%20quarta%20s%C3%B3%20para%20pessoas%20com%20defici%C3%AAncia&il1pi1id=461c5aa0-bdac-11eb-a572-814ef8bc1c0e&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=curitiba&il1pi1ps=43&z=549214567

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 142ms
31ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Paran%C3%A1%20registra%20mais%202.056%20casos%20e%20uma%20morte%20por%20dengue&il1pi1id=b07985e0-bdb0-11eb-a572-814ef8bc1c0e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=parana&il1pi1ps=44&z=689359127

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 146ms
36ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Cuidados%20com%20a%20casa%20na%20pandemia%20impulsionam%20neg%C3%B3cios%20de%20fabricante%20de%20MDF&il1pi1id=7027bc20-bdb3-11eb-b3c3-db9afbf14367&il1pi1pr=0.00&il1pi1br=parana&il1pi1ca=parana-sa&il1pi1ps=45&z=1080619703

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 146ms
36ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Prefeitura%20de%20Curitiba%20amplia%20decreto%20e%20decis%C3%A3o%20afeta%20jogo%20do%20Athletico&il1pi1id=fb2e87c0-bdab-11eb-a572-814ef8bc1c0e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=46&z=1304012558

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 147ms
37ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Decep%C3%A7%C3%B5es%20e%20destaques%3A%20veja%20o%20saldo%20do%20time%20de%20aspirante%20do%20Athletico%20no%20Estadual&il1pi1id=8d58a1c0-bdad-11eb-8f2a-e3aa835631fa&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=47&z=1202838834

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 147ms
37ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Em%20boa%20fase%20na%20Copa%20do%20Brasil%20sub-20%2C%20Coritiba%20v%C3%AA%20algumas%20promessas%20se%20destacarem&il1pi1id=6d383af0-bd7f-11eb-83f2-03ff0a62dc44&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=null&il1pi1ps=48&z=662885752

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 147ms
38ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Quem%20%C3%A9%20Rocco%20Morabito%2C%20o%20%E2%80%9Crei%20da%20coca%C3%ADna%E2%80%9D%20da%20m%C3%A1fia%20italiana%20que%20foi%20preso%20pela%20PF&il1pi1id=99fa8570-bd8e-11eb-bbd9-d1be10fc55dd&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=49&z=2008690104

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 147ms
38ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Projeto%20quer%20obrigar%20presos%20condenados%20a%20pagar%20indeniza%C3%A7%C3%A3o%20%C3%A0s%20v%C3%ADtimas&il1pi1id=1683cb60-bdad-11eb-a572-814ef8bc1c0e&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=vida-e-cidadania&il1pi1ps=50&z=327385039

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 123ms
38ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Campanha%20nacional%20vai%20coletar%20DNA%20de%20familiares%20de%20pessoas%20desaparecidas&il1pi1id=20654b00-bd98-11eb-aede-1bdb6e664582&il1pi1pr=0.00&il1pi1br=justica&il1pi1ca=vida-e-cidadania&il1pi1ps=51&z=1677541205

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 123ms
38ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=capa&il1pi1nm=Depois%20de%2014%20anos%20no%20Jockey%20Club%2C%20Casa%20Cor%20S%C3%A3o%20Paulo%20anuncia%20mudan%C3%A7a%20de%20endere%C3%A7o&il1pi1id=47a76640-bd92-11eb-aede-1bdb6e664582&il1pi1pr=0.00&il1pi1br=arquitetura&il1pi1ca=decoracao&il1pi1ps=52&z=690725397

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 123ms
39ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=E%20se%20a%20pandemia%20foi%20criada%20pelo%20homem%3F&il1pi1id=2692e760-bda4-11eb-abdb-ed9be672da19&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=53&z=168078239

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 123ms
39ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Por%20que%20at%C3%A9%20mesmo%20progressistas%20deveriam%20duvidar%20das%20mudan%C3%A7as%20clim%C3%A1ticas&il1pi1id=e3d2b370-0bc9-11ea-a40b-d194e2f2a6d0&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=54&z=1046278394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 122ms
39ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=O%20Anjo%20de%20Hamburgo%3A%20a%20hero%C3%ADna%20brasileira%20que%20salvou%20centenas%20de%20judeus&il1pi1id=bd5a4b90-bcc6-11eb-adb8-f5b0de1dec40&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=55&z=2068514647

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 122ms
40ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Voc%C3%AA%2C%20leitor%2C%20odeia%20a%20imprensa.%20Resta%20saber%20como%20faremos%20as%20pazes&il1pi1id=9b1514b0-bcb3-11eb-8fab-89b62222d416&il1pi1pr=0.00&il1pi1br=ideias&il1pi1ca=polzonoff&il1pi1ps=56&z=1067148171

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 122ms
40ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Quando%20buscar%20um%20advogado%20para%20fazer%20testamento%20e%20qual%20a%20import%C3%A2ncia%20deste%20documento&il1pi1id=ce67b720-bda1-11eb-abdb-ed9be672da19&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=comportamento&il1pi1ps=57&z=1901617275

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 120ms
40ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Empres%C3%A1rio%20doa%20mil%20d%C3%B3lares%20a%20cada%20estudante%20em%20formatura%2C%20para%20estimular%20generosidade&il1pi1id=a28a8000-bd93-11eb-aede-1bdb6e664582&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=virtudes-e-valores&il1pi1ps=58&z=2093719279

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 120ms
41ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Recome%C3%A7ar%2C%20redescobrir%20e%20reencantar%3A%20manter%20a%20vitalidade%20do%20casamento%20requer%20decis%C3%A3o%20di%C3%A1ria&il1pi1id=badc1c70-bcd7-11eb-b3a8-1977b37ccede&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=casamento-e-compromisso&il1pi1ps=59&z=1152822956

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 120ms
41ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=special&il1pi1nm=Abacate%20ou%20avocado%3F%20Entenda%20a%20diferen%C3%A7a%20e%20aprenda%20a%20fazer%20uma%20maionese%20de%20avocado&il1pi1id=88997780-b714-11eb-a37a-bb4e046caf15&il1pi1pr=0.00&il1pi1br=pino&il1pi1ca=produtos-ingredientes&il1pi1ps=60&z=1128184815

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 119ms
41ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Punido%20no%20Ex%C3%A9rcito%20e%20alvo%20na%20CPI%3F%20O%20futuro%20de%20Pazuello&il1pi1id=8d27e910-bd92-11eb-9b7f-f7d3040791d7&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=61&z=988710643

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 127ms
33ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Vacina%C3%A7%C3%A3o%3A%20tira-d%C3%BAvidas%20sobre%20os%20riscos%20da%20imuniza%C3%A7%C3%A3o%20parcial&il1pi1id=75472510-bcc8-11eb-9fb2-db00e91fac0c&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=62&z=1213266507

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 127ms
33ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=O%20bolsonarismo%20se%20tornou%20uma%20religi%C3%A3o%20civil%3F&il1pi1id=9ba6f080-bc1b-11eb-8e24-a11882f0babb&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=63&z=774104150

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 127ms
34ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=Como%20o%20voto%20audit%C3%A1vel%20pode%20beneficiar%20as%20elei%C3%A7%C3%B5es&il1pi1id=0e7132e0-baa2-11eb-b949-0564bf22cd17&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=ideias&il1pi1ps=64&z=1980635383

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 117ms
34ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=podcasts&il1pi1nm=CPI%20da%20Covid-19%3A%20relat%C3%B3rio%20parcial%20e%20o%20que%20vem%20pela%20frente&il1pi1id=cfaa3000-ba71-11eb-a5e1-3fda3f8b335a&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=65&z=1069980092

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 117ms
34ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=Ex-feminista%20explica%20por%20que%20mudou%20de%20lado%20depois%20do%20falso%20%E2%80%9Cestupro%20culposo%E2%80%9D&il1pi1id=da0cd640-bcbc-11eb-b38c-5bdc877f1bba&il1pi1pr=0.00&il1pi1br=vida-e-cidadania&il1pi1ca=cristina-graeml&il1pi1ps=66&z=1215878843

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 120ms
33ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=Reforma%20pol%C3%ADtica%20volta%20%C3%A0%20pauta%3A%20o%20que%20pode%20mudar%20em%202022%3F%20%7C%20Entenda%20em%201%20minuto&il1pi1id=95934140-bafd-11eb-b921-9f48b67961da&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=67&z=1560473897

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 119ms
34ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=TRE-PR%20e%20TSE%20despertam%20ira%20do%20eleitor%20em%20campanhas%20contra%20voto%20impresso%20audit%C3%A1vel&il1pi1id=64ba14c0-ba87-11eb-b51f-29abcc5187fd&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=cristina-graeml&il1pi1ps=68&z=838768836

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 119ms
34ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=video&il1pi1nm=Por%20que%20a%20vacina%20da%20AstraZeneca%20foi%20suspensa%20para%20gestantes%3F%20Entenda%20em%201%20minuto&il1pi1id=9b23bcb0-ba2c-11eb-bfaf-af6a387658e9&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=republica&il1pi1ps=69&z=1193011333

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 119ms
34ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Como%20Lula%20pode%20influenciar%20Bolsonaro%20na%20escolha%20de%20seu%20novo%20partido&il1pi1id=ada7c710-bd96-11eb-aede-1bdb6e664582&il1pi1pr=0.00&il1pi1br=2022&il1pi1ca=republica&il1pi1ps=70&z=605258402

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 140ms
31ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Aux%C3%ADlio%20de%20R%24%20600%2C%20vacinas%20e%20mais%3A%20a%20lista%20de%20pedidos%20de%20sindicalistas%20para%20Lira%20e%20Pacheco&il1pi1id=322bba20-bd72-11eb-8cb8-e99fdcc29cff&il1pi1pr=0.00&il1pi1br=republica&il1pi1ca=economia&il1pi1ps=71&z=674211334

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 120ms
34ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Dois%20motivos%20para%20a%20alta%20nas%20commodities.%20E%20dois%20efeitos%20no%20Brasil%3A%20um%20bom%20e%20um%20ruim&il1pi1id=0bce0ee0-bcdd-11eb-9a05-37ab4362823f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=72&z=1357959831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 120ms
34ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=foi%20manchete&il1pi1nm=Sul%20deve%20passar%20Nordeste%20e%20retomar%202.%C2%BA%20lugar%20no%20consumo%20nacional%20ap%C3%B3s%2013%20anos&il1pi1id=97ddb570-bcc9-11eb-adb8-f5b0de1dec40&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=73&z=221971549

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 25ms
17ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23088598-1&cid=1311363325.1621999101&jid=1919223576&gjid=1776987018&_gid=1554802131.1621999108&_u=aGjAAEALQAAAAC~&z=1251621282

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 26 May 2021 03:18:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 unload
api-v3.tinypass.com/api/v3/page/ 0
0 144ms
142ms Ping
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v3.tinypass.com/api/v3/page/unload?aid=izBe3CQ7pu&time_spent=%7B%22active%22%3A5%2C%22total%22%3A5%7D&scroll=%7B%22max_page_height%22%3A8567%2C%22max_depth%22%3A1200%7D&viewport_exit=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&pageview_id=2021-05-26-05-18-23-408-QsZReafSnvahleT0-b936ad7ebc1e9e7e2afe591d682f915b&visit_id=v-2021-05-26-05-18-23-437-XriBH3w80gW1dgMj-b936ad7ebc1e9e7e2afe591d682f915b
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 6 KB
3 KB 231ms
231ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b54b041b8e515f5eb4e44bb06160789c6b1df5d552a9b3b9392341a7b038cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:29 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a48475c7600004aa363870000000001
x-request-id: Cti2ptqv8dF
pragma: no-cache
wn: prod-exp-10-0-139-76
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6553db40bda54aa3-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=CCJ%20da%20C%C3%A2mara%20aprova%20PEC%20da%20reforma%20administrativa%3B%20texto%20segue%20para%20comiss%C3%A3o%20especial&il1pi1id=57caca60-bd85-11eb-83f2-03ff0a62dc44&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=74&z=1658402821

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Dois%20motivos%20para%20a%20alta%20nas%20commodities.%20E%20dois%20efeitos%20no%20Brasil%3A%20um%20bom%20e%20um%20ruim&il1pi1id=0bce0ee0-bcdd-11eb-9a05-37ab4362823f&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=75&z=875997217

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Ataques%20antissemitas%20aumentam%20nos%20EUA%20e%20chamam%20a%20aten%C3%A7%C3%A3o%20da%20Casa%20Branca&il1pi1id=60d96b10-bceb-11eb-addd-df3b09f81e7d&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=mundo&il1pi1ps=76&z=92551146

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1433297151&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce%20Helper&ea=productImpression&el=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&_u=aGjAAEALQAAAAC~&jid=&gjid=&cid=1311363325.1621999101&uid=&tid=UA-23088598-1&_gid=1554802131.1621999108&gtm=2wg5j0WSPVJF&cd1=n%C3%A3o%20logado&cd2=&il1nm=escolhas%20do%20editor&il1pi1nm=Sul%20deve%20passar%20Nordeste%20e%20retomar%202.%C2%BA%20lugar%20no%20consumo%20nacional%20ap%C3%B3s%2013%20anos&il1pi1id=97ddb570-bcc9-11eb-adb8-f5b0de1dec40&il1pi1pr=0.00&il1pi1br=null&il1pi1ca=economia&il1pi1ps=77&z=1869515680

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61332
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-23088598-1&cid=1311363325.1621999101&jid=682766645&gjid=548315873&_gid=1981681475.1621999108&_u=aGjAAEALQAAAAC~&z=1484580768

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 26 May 2021 03:18:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021052001.js Show response
securepubads.g.doubleclick.net/gpt/ 309 KB
109 KB 28ms
27ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

d99bf1ea70a90213bc28437d4413da189cf244d2b80fba2ccb42de0b3d639727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 May 2021 08:43:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110970
x-xss-protection: 0
expires: Wed, 26 May 2021 03:18:29 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
110 B 16ms
16ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1311363325.1621999101&jid=1919223576&_u=aGjAAEALQAAAAC~&z=208698718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1311363325.1621999101&jid=1919223576&_u=aGjAAEALQAAAAC~&z=208698718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 profile Show response
tt-10162-1.seg.t.tailtarget.com/ 92 B
500 B 157ms
115ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:29 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
cache-control: private, proxy-revalidate
content-type: application/x-javascript
alt-svc: clear

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
65 B 19ms
18ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1311363325.1621999101&jid=682766645&_u=aGjAAEALQAAAAC~&z=538844337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 22ms
21ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-23088598-1&cid=1311363325.1621999101&jid=682766645&_u=aGjAAEALQAAAAC~&z=538844337

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/gazetadopovo.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6513
date: Wed, 26 May 2021 01:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 26 May 2021 03:29:56 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
4 KB

18ms
18ms

Script
application/javascript

143.204.202.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-38.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:16:21 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
etag: "5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 133
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 3690
x-amz-cf-id: wDUL1GE_eC_kIwlxDoZzx02OLohgw0AYakv-yQrLqy_IEXAxNhplEA==

Redirect headers

date: Wed, 26 May 2021 03:18:29 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: _JGN40pqXJSKCEDl80tRIs-kL9g8f7BftX188TQePtslKB0Whv9dPA==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
31 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1433297151&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&dr=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&ul=en-us&de=UTF-8&dt=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GjAAEALQAAAAC~&jid=1221080356&gjid=2088450970&cid=1311363325.1621999101&tid=UA-97689914-251&_gid=1554802131.1621999108&_r=1&_slc=1&cd1=Parceiros&cd2=Gazeta%20do%20Povo&cd3=Gazeta%20do%20Povo&cd11=normal&cd4=1311363325.1621999101&cd66=1621999109492.8fzagkci&cd85=none&cd87=none&cd88=none&z=740236128

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html Show response
s.dynad.net/stack/ Frame 1184 6 KB
3 KB 637ms
211ms Document
text/html 200.187.199.64
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.187.199.64 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-187-199-64.static.uol.com.br
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a

Request headers

:method: GET
:authority: s.dynad.net
:scheme: https
:path: /stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=238081621999108407
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Wed, 26 May 2021 03:18:30 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Wed, 26 May 2021 04:18:30 GMT
pragma: cache
last-modified: Tue, 25 May 2021 04:25:49 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 519.000h
x-varnish: 155077058 142719741
age: 82360
via: 1.1 varnish-v4
content-encoding: gzip

GET
H2 200 928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html Show response
s.dynad.net/stack/ Frame 366D 53 KB
18 KB 836ms
415ms Document
text/html 200.187.199.64
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.187.199.64 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-187-199-64.static.uol.com.br
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506

Request headers

:method: GET
:authority: s.dynad.net
:scheme: https
:path: /stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=238081621999108407
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

date: Wed, 26 May 2021 03:18:30 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Wed, 26 May 2021 04:18:30 GMT
pragma: cache
last-modified: Sun, 23 May 2021 14:10:56 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 556.000h
x-varnish: 154453220 121861804
age: 220053
via: 1.1 varnish-v4
content-encoding: gzip

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame CEE3 42 KB
9 KB 19ms
9ms Script
application/javascript 2600:9000:214f:4600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:40:37 GMT
content-encoding: gzip
age: 2272
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8899
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 05:04:13 GMT
server: marrakesh 1.16.6
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: Dbv2ZCzsLeIoPNS-zwWhjp0hwJ5oxnb2Dn9enPh-eKeb2MIzWm-q2w==
expires: Wed, 26 May 2021 03:40:37 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame 3D95 42 KB
9 KB 15ms
10ms Script
application/javascript 2600:9000:214f:4600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:40:37 GMT
content-encoding: gzip
age: 2272
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 8899
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 05:04:13 GMT
server: marrakesh 1.16.6
etag: 7f26a4519ac2b1604a29daf81d3f336f
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: 942MmiPnrpDVN0rFR6DLZX-QR3qzl41ZvTyEwweJgLLZ9UXBFSIVOA==
expires: Wed, 26 May 2021 03:40:37 GMT

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame E8F2 4 KB
2 KB 15ms
10ms Script
application/javascript 2600:9000:214f:4600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:14:33 GMT
content-encoding: gzip
age: 235
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 1065
access-control-allow-origin: *
last-modified: Fri, 07 May 2021 13:45:52 GMT
server: marrakesh 1.16.6
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: sLNtoi8AkSz_JEqj1rstKFrYsz1YuKau55RAFNdx9dsZky2pqEWVzg==
expires: Wed, 26 May 2021 04:14:33 GMT

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 550 B
525 B 132ms
131ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=izBe3CQ7pu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d6771c7461194e7ddbf697f831eac6d23f7e38b9d1f8e45b8516ba298d6c7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 0a48475df800004a982f919000000001
x-request-id: Cti2ptqWk1q
pragma: no-cache
wn: prod-dash-10-0-136-199
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.002
cf-ray: 6553db432ced4a98-FRA
expires: 0

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 322ms
322ms XHR
application/json 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: gdp-prd-data.s3.us-east-1.amazonaws.com
URL: https://gdp-prd-data.s3.us-east-1.amazonaws.com/js-piano-sdk/JSPianoSDK-0.4.4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: / Express
Resource Hash: 23223c068654c7a3736d13b160e43608dd3f524c423fd32822884dc3a54a6e67

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 26 May 2021 03:18:30 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
etag: W/"500-qIkD547mZcPu10ZSw1kwih4N8SU"
x-amzn-remapped-content-length: 1280
x-amzn-remapped-date: Wed, 26 May 2021 03:18:30 GMT
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: f6qg-GxMIAMF_Gw=
content-length: 1280
x-amzn-requestid: 3b952df6-b95e-4ab9-b27a-b519eafdf771
x-amzn-trace-id: Root=1-60adbe06-14402ca178fd209c16dcb2ab;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: EwKNP5yhsp5ExkqqahGzm1XsKabCfK-ciz9JWsSJxBo1KrIdZkqwNA==
x-amzn-remapped-connection: close

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 292ms
291ms Preflight
application/json 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 26 May 2021 03:18:29 GMT
x-amzn-requestid: 7aaf4cad-a1b8-474b-b503-4bed46a5ab0e
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: f6qg7E4xIAMFUGA=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: GBvYNXOfh4L_euXzevMqKWtZEQkUWHnJRzSuqTjdYqXK6cjdWuHnHQ==

GET
H2 200 conversion.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 15 KB
6 KB 8ms
8ms Script
application/javascript 2600:9000:214f:4600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by: Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:36:34 GMT
content-encoding: gzip
last-modified: Sun, 17 Jan 2021 16:37:03 GMT
server: marrakesh 1.16.6
age: 2515
etag: f7a535aa8ca1d0acd1bff039eb80acff
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 6125
x-amz-cf-id: PyYaKNwig824WU1YugyV0W3ay_CMtx8SodaKvT2hL_FoiR01y_VB-w==
expires: Wed, 26 May 2021 03:36:34 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-97689914-251&cid=1311363325.1621999101&jid=1221080356&gjid=2088450970&_gid=1554802131.1621999108&_u=6GjAAEALQAAAAC~&z=180077692

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 26 May 2021 03:18:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5863
x-xss-protection: 0
server: cafe
etag: 12453517290502062038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 26 May 2021 04:02:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
799 B 81ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 May 2021 03:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gazetadopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 May 2021 03:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 bg-ads.png
assets.gazetadopovo.com.br/images/ 89 B
446 B 19ms
11ms Image
image/png 2600:9000:20eb:6a00:12:af17:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.gazetadopovo.com.br/images/bg-ads.png
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/app-944202c964a7c450206d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6a00:12:af17:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 06:18:05 GMT
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 19:11:04 GMT
server: AmazonS3
age: 9147625
etag: "53f9ae1eb3e782752565fa2c5d00ea37"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 89
x-amz-cf-id: 7fTLPiu9kkDOu09d5wtLjMjYwDQxBFcSexJBfwEJ6czh1WbpE1e1Mw==

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
65 B 18ms
17ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-97689914-251&cid=1311363325.1621999101&jid=1221080356&_u=6GjAAEALQAAAAC~&z=1502479198

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
17ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-97689914-251&cid=1311363325.1621999101&jid=1221080356&_u=6GjAAEALQAAAAC~&z=1502479198

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 base.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 21 KB
9 KB 8ms
7ms Script
application/javascript 2600:9000:214f:4600:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4600:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:36:34 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 17:51:01 GMT
server: marrakesh 1.16.6
age: 2515
etag: aeb8806857f0c1b9f7f6b8d4ff48230f
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 8357
x-amz-cf-id: nMEHhfIJJnLpq0dOoS4y0l1KAHB2nl_2eiDUfZSatnNCgnuTnzkmAA==
expires: Wed, 26 May 2021 03:36:34 GMT

GET
H2 200 trk
tt-10162-1.seg.t.tailtarget.com/ 70 B
367 B 124ms
118ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:gazetadopovo:1&tK=1621999110&tM=referral&tL=referral&tN=referral&tY=3&tZ=24295693
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:29 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
17 KB 2382ms
2345ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=825920634653851&correlator=1579794797241021&output=ldjh&impl=fifs&eid=31061269%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210526&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-6%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621994511&dt=1621999110000&dlt=1621999100295&idt=9444&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=4704&adks=1274092516&ucis=1&ifi=1&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=1311363325.1621999101&ga_sid=1621999110&ga_hid=1433297151&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

4041e351e9d9b31a6a3b2533bbdd7d74e1b6d590c0861a7a37ddf017d4ab1fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17344
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 54ms
14ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
17 KB 1558ms
1528ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=825920634653851&correlator=1579794797241021&output=ldjh&impl=fifs&eid=31061269%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210526&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-5%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621994511&dt=1621999110016&dlt=1621999100295&idt=9444&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=3934&adks=1274092517&ucis=2&ifi=2&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=1311363325.1621999101&ga_sid=1621999110&ga_hid=1433297151&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

8ab399aee9f905b5520f293a01cb0a8c207fe9a6cb8167c7ce8307ed799ff234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16986
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
16 KB 1986ms
1957ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=825920634653851&correlator=1579794797241021&output=ldjh&impl=fifs&eid=31061269%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210526&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-4%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621994511&dt=1621999110024&dlt=1621999100295&idt=9444&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=3071&adks=1274092522&ucis=3&ifi=3&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=1311363325.1621999101&ga_sid=1621999110&ga_hid=1433297151&ga_fc=false&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

3bfaabf405d91100fe85f8e2ae81634cee5cbf1a2cdd9c1a305b27eec9751db8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16794
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
11 KB 2744ms
2718ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=825920634653851&correlator=1579794797241021&output=ldjh&impl=fifs&eid=31061269%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210526&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C970x250&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-3%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621994511&dt=1621999110033&dlt=1621999100295&idt=9444&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=2280&adks=1274092523&ucis=4&ifi=4&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=1311363325.1621999101&ga_sid=1621999110&ga_hid=1433297151&ga_fc=false&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

de81d40a2a2d613f79a2936368eb73667bcc627ac191cfe563404cbb4a8dc6af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11735
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
25 KB 393ms
370ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=825920634653851&correlator=1579794797241021&output=ldjh&impl=fifs&eid=31061269%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210526&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-2%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621994511&dt=1621999110047&dlt=1621999100295&idt=9444&frm=20&biw=1600&bih=1200&oid=3&adxs=241&adys=1430&adks=2044746413&ucis=5&ifi=5&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1118x0&msz=1118x0&ga_vid=1311363325.1621999101&ga_sid=1621999110&ga_hid=1433297151&ga_fc=false&fws=4&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

0aca65dabd0b6c7afdb20cb34f828e7f3e9b6ad76d66f80c6d9896c9c1a28780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25894
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 1133ms
1110ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=825920634653851&correlator=1579794797241021&output=ldjh&impl=fifs&eid=31061269%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210526&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90%7C1190x150&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-1%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621994511&dt=1621999110062&dlt=1621999100295&idt=9444&frm=20&biw=1600&bih=1200&oid=3&adxs=205&adys=311&adks=1651446792&ucis=6&ifi=6&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x50&msz=1190x0&ga_vid=1311363325.1621999101&ga_sid=1621999110&ga_hid=1433297151&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

9893949241754aefe6f094e06d476b800b4a35a9a5d3545811053165f54c6135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8256
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 837ms
815ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=825920634653851&correlator=1579794797241021&output=ldjh&impl=fifs&eid=31061269%2C31060839&vrg=2021052001&ptt=17&sc=1&sfv=1-0-38&ecs=20210526&iu_parts=8804%2Cparceiros%2Cgazeta_do_povo%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C990x90&prev_scp=campaignuol%3D1%26keyword%3Dswgt-sub-na%26pos%3Dd-pos-footer-1%26native%3D0&eri=1&cust_params=origin%3Dwww%2520gazetadopovo%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1621994511&dt=1621999110068&dlt=1621999100295&idt=9444&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1190&adks=2713759382&ucis=7&ifi=7&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1148x-1&ga_vid=1311363325.1621999101&ga_sid=1621999110&ga_hid=1433297151&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

3c53fc306cb9efd68ccbbe77901194b89ed3f20802d54a9bafa72f13a946ff75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9923
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gazetadopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621999110128&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo%...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621999110128&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo...

64 B
330 B

20ms
20ms

Image
image/gif

143.204.202.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621999110128&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-38.fra53.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:30 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: mGjuxfnq5Zv32LpFo2Iqk1bYnX1zTKkpnD-WVULvEhBfm_FHa1x-Ig==

Redirect headers

date: Wed, 26 May 2021 03:18:30 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&cs_it=b2&cv=3.8.0.210223&ns__t=1621999110128&ns_c=UTF-8&c7=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&c8=Gazeta%20do%20Povo%20%7C%20%C3%9Altimas%20not%C3%ADcias%20do%20Brasil%20e%20do%20Mundo&c9=https%3A%2F%2Fwww.gazetadopovo.com.br.mcas.ms%2F
content-length: 339
x-amz-cf-id: qVasi_1wawrkU7kogs3ZolqPd04AyqPL3rf0GWQywrHJToNHSoBkmQ==

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
150 B 116ms
114ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 406f451054322121aefb0b12e69fbed313d2a35093234ffa8a1edcabc81987e7

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:30 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 b Show response
b.t.tailtarget.com/ 137 B
562 B 135ms
134ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=1&tU=0100007F05BEAD60C30645700243AB1F&tX=b.52&tZ=550739967&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: feb699f2436da757a393d59244dc7a76173977b9df919ed97f6c48968c71085f

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:30 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 366D 336 KB
116 KB 417ms
15ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.dynad.net
URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0763cefe362deddc5a533e71213145d35dcea9c9b80ae9e59a33e90240489e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117984
x-xss-protection: 0
expires: Wed, 26 May 2021 03:18:30 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 30ms
29ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c4f3c17a4b949f58d2b51f71745a4236ea1278292ce2b6dbf1a1fe518044463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 May 2021 03:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7616
x-xss-protection: 0

GET
H3-29 200 container.html Show response
08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8354 6 KB
3 KB 29ms
11ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 26 May 2021 03:18:30 GMT
expires: Thu, 26 May 2022 03:18:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d20865ab544e7dab6a0553034edc5845335cd7c23375745db9a755c532311463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621855618012992"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Wed, 26 May 2021 03:18:30 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 26 May 2021 03:18:30 GMT

GET
H2 200 ca Show response
tt-10162-1.seg.t.tailtarget.com/ 78 B
338 B 121ms
120ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=186919563&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 9423e1d7285e03ace474d412a37ab5708e513636ad1c40ea3478dc2b4221cd9c

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:31 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3-29 200 container.html Show response
08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FCD 6 KB
3 KB 10ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 26 May 2021 03:18:30 GMT
expires: Thu, 26 May 2022 03:18:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 366D 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1565 12 KB
5 KB 19ms
18ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 25 May 2021 20:39:29 GMT
expires: Wed, 25 May 2022 20:39:29 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23942
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 63B6 783 B
536 B 65ms
19ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb2064b611a9261b7c42e4dbe8eb5490dc146a9de6989bbd3e46f6e0ddc5f445

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FcObK1m+RCQz1WvGEK34NQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

expires: Wed, 26 May 2021 03:18:31 GMT
date: Wed, 26 May 2021 03:18:31 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-FcObK1m+RCQz1WvGEK34NQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CE90 478 B
545 B 54ms
52ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ25-HuQIYrri8oAEwAQ&v=APEucNV2AXRTeR2lvYZyyUD8JmOR8B_l3HurrplP3uMQ9gXJVLIAabip-HEhOQdv38sIxMSf6hj6zVxXY9k4W2-IZ-PmJA2-Lw

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COjuwgIQ25-HuQIYrri8oAEwAQ&v=APEucNV2AXRTeR2lvYZyyUD8JmOR8B_l3HurrplP3uMQ9gXJVLIAabip-HEhOQdv38sIxMSf6hj6zVxXY9k4W2-IZ-PmJA2-Lw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 26 May 2021 03:18:31 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkVVoeOBW-YhM5iiOKmpJ8X-gMVWRn9fzCIsvAyyok85DfkM9pWMHhurgUT; expires=Mon, 20-Jun-2022 03:18:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 May 2021 03:18:31 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 8354 111 KB
39 KB 47ms
6ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 14:58:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44380
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 May 2021 14:58:51 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/ Frame 8354 6 KB
3 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Jun 2021 02:58:00 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 8354 17 KB
7 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 23:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7009
x-xss-protection: 0
server: cafe
etag: 607056201285360291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Jun 2021 23:21:33 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8354 42 B
63 B 20ms
18ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CFXw60QSnQSiEMJAQhQw1yu2Umu5LJtPMsa3P9fWasvfB9H7AI6ZOGd1V7Hn14-mmUUG1CyVJoaluEV5S1SsdtfyWpzlSkK98KGWr_24PbJmey2iA

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 8354 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Jun 2021 03:08:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8354 119 KB
36 KB 28ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7df3462f83fb056fb3a63ae58b58146ed709812948fc954f09aede85bcc1e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621855623965245"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37215
x-xss-protection: 0
expires: Wed, 26 May 2021 03:18:31 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 8354 13 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Jun 2021 02:37:50 GMT

GET
H3-29 200 bridge3.461.0_pt_br.html Show response
imasdk.googleapis.com/js/core/ Frame 2D58 575 KB
188 KB 33ms
12ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.461.0_pt_br.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36bdef3ed9760506f48340e965338ae078011f610212430f9b2fe55e5418750c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.461.0_pt_br.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.dynad.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.dynad.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192670
date: Tue, 25 May 2021 04:53:15 GMT
expires: Wed, 25 May 2022 04:53:15 GMT
last-modified: Tue, 25 May 2021 03:58:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 80716
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 366D 44 KB
16 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Wed, 26 May 2021 03:18:31 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 366D 107 B
122 B 46ms
43ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.dynad.net

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 May 2021 03:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 container.html Show response
08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6D06 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gazetadopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gazetadopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 26 May 2021 03:18:30 GMT
expires: Thu, 26 May 2022 03:18:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
391 B 117ms
115ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=_zurich_zurich_ch_1621999110551_628656532&tJ=&tQ=gazetadopovo&tU=0100007F05BEAD60C30645700243AB1F&tX=b.52&tY=1&tZ=77063780
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:31 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 68EA 478 B
514 B 25ms
24ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQ3MDeARil-IqdATAB&v=APEucNVpffC7CKCEkED2glZtBa067ICvG8Bl3d5cXaOkHFP8P3zoI2viqUnvcD7o0iWQIEyxPwb5xNJ7yk82kmfqsBRfHsJi6g

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLOrkQEQ3MDeARil-IqdATAB&v=APEucNVpffC7CKCEkED2glZtBa067ICvG8Bl3d5cXaOkHFP8P3zoI2viqUnvcD7o0iWQIEyxPwb5xNJ7yk82kmfqsBRfHsJi6g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 26 May 2021 03:18:31 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnVFIWmvU8EIHWIG1wxnKooFHFTmude4NT08EyXF39YnNPzzYALDbnx4_FY; expires=Mon, 20-Jun-2022 03:18:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 May 2021 03:18:31 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2FCD 11 KB
8 KB 59ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8oodJ8Nuf7aeJXEDHUlUbI50EQP74srFbVNUykMjAxm2F9m9w8C8DKU5AvYJ10-1Y74xNClhwaqRJy6cZC5q1VurxaorNfYY5DPeHdEpkipVedgPG3zXXGjEKz2VcIRDIP0DYOd70-vV-M10EIzSqhIHivw&dbm_d=AKAmf-CezeqLdThUyyHBQ1-VO3wIQ4o8lLQkgXrFLxgBEpaXOlqU-cN4EF6RLo0HsN7llFWmiXX7omniTKC3_rvAlxV9oaXIdge6cTm1u7qxBwWletDAID3bHQ0WwH7SE2EQw5qyTC7g1laJI_cL14NSJbK75H1I6B3bkQmbWDJk2zg2cAkQXvf4n9V16m2xqyN8BjxKQJSaxt1m-OJcIewMZDFBWKKHEZpXCtAbhoHSq4WMbdcrN8CCOi80MFMFOjLrsoZknpCO4EZJXjru59JGc6-lgtLBPFHyIQ-fHCzZkH37Q3Z6uI44aK9x0LlY8Ma-QeM6qZsccvGCzDH0mgs7LDkoWQI5rz29zPs7BllBMVTPOw08Twtip-SiUdQGPRJ50ZGSTV-mM9r-V-BNGBxVm38U2WsREiX6Wsh_6Z2YLWohAiGoEl2hsp-6om072DguvukDbfY3-BMf8BuQgvgc5792UyR_wwoy3m-3BdjnTfc6kxpQwYCAKYar8oYc4ssnjjKsRSauiwER6QiCcRVxFX0TTSG8958MQ7IZg1Mgm2MVfdQrLvNNHZPhBMdL_dUa0IUZHXKSsN9QWuTp5TtjPOdgnWxiVb50aPgFPe1hSE8TU6gW6907PCRJMYJvm0hItKRa6XXr7Q9TOjqWC4spZ2h6sCNPjT3MmAoEqnj5FjBPQaKbuqyqpa3lHdpePuH_W_PmUvPAuQpgUwXQR2O_CbyiAEmTr6-JkiO0xlaGzM70SCUlBt4jaD3Jq_Dy7SjYaxqd8-4WoqbANUvGafyE7mKYb-uu4P6ZNEv5fIt7YynBMo_uWXLH4S5pATCZlCBGXJ6pSFGjr6WRks326HycmRkw_xjm_wV0Jxj7Y8CSicfXTgHtuXtlWhX0oumi0jLKj8oD1AceL8bKgXzowPl63JoUCpX7WXYftYlpMcfMxNEAOb7weuXv2FxYJal0U5m-p47PNK7j0hYBQ3DdqoKGS7bEsYTsZXKW4LucqjNXEr7abM_qpUAuIVyk1WKIJtPWfBwnPjJAalNEPZzIZVPf3MrtqgueyXQQ9zj2vqvg8T0FHYuDURC-d8wxKgUWfNEuSORG7jkKOS38frAeSnsrkvAF3JTpu-MeK9fHbtJZ85H0vZFBGdHevArZkhTp-2LgXnZ7IYkBXUbndnmRO1pfat-hAUwnsiu3m5bWkVP_mh13Kz1y-quOox856AbvWDHLIZeg_JkKEKFLd07b3UNEIv6PWlCXixKyTiiN2tBaLJbQ12vdhBB0hhpSVZe5SD_xZ_D8lW0MOw_vIkTwxy-Zwk7WH8lG9obPz0y_kfe_c-DyNxOw-XOylyYSx7xw7iKUF3yT2KnVDpBw2B7mVB5aoHumV_LXAlvd09ze13-bJUxocuFmlOoLzHaeFWqoKMx12Sa7sHXATVYyh4QdwijBiaJFbwkoDnbMYGNccQZ6Jh_HaJlNKU_lLkRE29QZ_OzVNjQ6hp4nTyDetnlUCLBAoZYGQhcLjPlE2wOzstbQywIneb12pKv3Q5GAVq7ACc40v5734Vs7wf9Xodc_BjFWEEyAAwFQ_24Lh505uBlSaAzjTNwfUEpxl-LGtnG26-MudWmFXwzLSYspFFGw43Y4Dt24fVqxc_aNXzo6bPl6MMZzmh9D9bO6Pp5fFSei6VbTPDhB8uPXs81nKcyP1rv627pDMBj_xNZK0VUEWyLlwEtIri5mGd3H54efr0-Vn9Xh0CZNRpbPMOnHr3o4m56H79ZVRFn-Il2R-MZYiyWHfqtv98EYSDYG59lwVLsEMxLtJlck-dBR3VLGeNG2T78JjYdxnbIZ6WKM6_5i-skWYZ5albUzLXfwAILwbr7PzQhs-gV6rBu93LdpFO3hZmr-EAUykWBeunZP1OIy-adIYiXE3TvxCUMh8TzEICaf_v5tobA0SkyC7CNwtVhL8Jb7THldNaWJ760YahUh1Pt7n0-lQb31cZMKGYyfmsU4hRnPzvAoxXG8GDqrw8lzuS4pLgu6D7W2IfYqiA8YmY9VY4SNoeIXJnjiuL1UzA-_83xzaPVcRj8e0lNrd7mUhf6Bp3_Pmuml8-sHslqcLaYQH7R0ju6GPsl6f7-HkYqNpZU6sE_9xeykmSC5K7Mq4azfLCtbp3k-trCbJ1B_8eQPpvuUxdLNZh6sBALglGuA3ce23F6YDgQ6s_Ams64OpYng-9JIa4b7-_H3Q_7m7PaZ4xd-PFi7bQ4nbxyXUhR58LzZu1Hs53YK5vX3XS0A7KHh39SV3ldu0cN0QxF-thMG3lbzavMSVRNNGMWvPdjB_BdG896cXlHLuTAjBUH7mMtHWG2h3Jgw6_J4OJ1UMyPI9XFICTyZcKhmAp606S9082a0JZTouC9vF98_oozx42ptmbPx51nxbEkS6tnEv996gxs3WLkyjk3gWnJwMm9H5BppKJOTAL2hSU_1kNQOGKdFVRU_0nswKpPUiH4dklZabRkji83srUgfkl3_hUt-KFOxMdgkigN5Jk4Bv_jsGmJRyuZSf2eXV6C0aPJYIRpDZ2SNDxHFARqGH8qSVuIMl581twc0oKmwvspvWD4xkoOcRLK7K2raIU40tAUz-oj1PGD4na0eGspSeYp7VGd0lLQrzwhGWWKZ7Tg0N8ILizVY30XZ03J2ZT30ZbHEy2I3krhw_MiQcWNS_o93g-pjyBwJVzEaisok51NqIyIQ68kfp_CJKz3RW3YYlYn6UeGPNtx51qiJSBjtM1EW29yY7TtkNex4iQFtSzkd4Z6VFUjYAid-Nz5Xtuw_KhcF84U9TQW4aDIWECpZkjCePgsSBTY9D-CUpUqs&cid=CAASPeRoFa7McQabGBbz0vaKC1zID65XJzJp0N0M77BQTlsBT8vBxmUGAfu5VSCsCQ6bXkhF9YVyTpgu6O13UNo&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8a8bfd48be42879e71dfa12045fd8f41964e162065e2818214995c2ed0d1eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8183
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2FCD 42 B
173 B 33ms
14ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CHv6e9wuO9p4_8kDw1hGfDhiEPn9Bs8TwVz0Q_Dh4ocPiRXEPH631p5syvFAJWQ0HIbVwXNstMJzKllmMF48K4D8_50OtwGVunUPN12BRqgrkQ8zc

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/314658/52815543/xbbe/creative/ Frame 2FCD 229 KB
76 KB 202ms
77ms Script
application/javascript 54.72.219.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/314658/52815543/xbbe/creative/adj?p=APEucNVyT8h1TbJboIbuJarnRM2nTucaHYxESoOkP-d-wG_wDelcg9w&d=CnkAoCZ_4KCJ40YWea-EHxuUZVp3_QEy6IPv3H8D-igMH7mBUZIPOr4M6wgU3OghvjqWzG8wsBUz_cMABPfNEuF57wB6p_WlawZp39hzu526H1qvUDVba-DD5lAmZcTAg1v4gKgO4WS5l_-tyF5oWrcs-IHDoHWwuvn5EqkSAKAmf-AeuIh91J2SwNd8UMMdPs14Va-CwZvVWRL67xEgSXF98Jc_JkzDs_KxwERe9nbbq3-al6_VW-jLHkQYl99gfVNMJ4-gfdf5UDWptVO2wPUJUkVPHYDOmvzNy6cwdnqJLR2KYWulqAQtwKYLUXJ_iY54Mp9WtgjgacJhwwINoCCLzrvM1N-wnVcN30itu5x1aX959FFWGjJpgq5RIX3XZw0OpX0bwrIhuQAB5IpnQsLNBkGulf7hE6zwSR57jN62wAtNhVXfhfcezrbXrH_QImqNiVmqNICRqX54GV3pt9_LSOuJcViX29qm0eL-DxcR2gjHYSnfweLRGqxY5yplYQdpWBmihOlpMBSJ_WnfrLeCD8EPZD255Tb5pHcsK-SkwEzMzfhq7UeFTFrYdP6ToQsmyzxS5nIXIdBYaaLpzwHFyTP37y5KDFu6Y55tLad4PvNy1i3aPEZgsnqT89btX94CAMQT1rd_IR13_E39oELe5HrhOdxSCdG7a9bGblyq3nHlWoLKuUGi2rIAuiLsldvfqwVCuBCe3BNaA47mr3rv9xALPnr1WyD0oWUqo1lUnKtzgtpef6K54FsX8jr7PKCWvJ9A5qV57gMZgq3dCB1Nh1NUGcVV5BFo7npI-L0O2U7orZ287aErRIAFKOJUc1lJMPJoMZDVREXdZbhi7UDX-xvD6KAcLScMRe3YOiq4UfMqUZiywMXXG0KWkc02olkXsirhjlxmQ0t_g05uGqVpMfrx_PK992lSbyYZWjAdWC-N02iKSk68zc68ONu6QnAHAVwONKMWca1oXCM3U_1rrlw8J0p3sjLmxaBRcKURVxdziH4S6hZb_8Whz79wNYVCqSraw19O05anJm5OCmydQAEYhyMDuofY1Ybq2HZybEJnldcVTS4aIhqKqDHX_4HBr-1QcWbQoV_6hInY-mSsvHBJmgoXrSyjuJHtgJQDidN5BrLknl4xXxpU5clNQCnQIdqNCYKivNNjOwQGJPZbECxWvrjckW857j1adOQqENfyfzEIBFgH6XIRc1s3Y4SGGD3Tcy7WSOZU-2SaoOUP3JarmiGRjg5L8ATzJTdxnJ2ZhLEj35gvJVyXEkYsm9In8LM6rGnnc9IUQJI96a5-E_RlIVjCFiQjYpvzQY-w_gG53d6SVIh3WvqG1sFMnL2ofDBWBM33YgTtDf-eLkf7zuGnESNWuujFR3Oq_tNge3JckbaGNgNg9VaPVPapSlFLnA2WaWwVbXD8KqRXLwucgLzvWAzC22B6cbAI844y8F9XzWu4RNdDVFPy6SpShr7U8LA3wllv_T_IXtwyAMM8kYssxeuCtSPxTF85Jy8_KaUvx7_KiAJpVNU3untrUy9DWA1voW5RelTucygdV8k8Pz3kCjGNYEKlWJ6dO8LB83dLKv1w0p04YNLXKgplQOrWuR_ARA188HlVofQF8MaPI2pvgKEUhze0R2Y74YKeJZak3N9sxJmOmHJRI2a16mn_gD7cDwCgzwTWVIoItUwgSYKumtG13_GXQWHgu64__q4MQU8rmd-Iz2aoxzT7pOaz0rk-EJuAuJuGn_jG0z7MMLdnK3FgqAU2aw3SuEzxajOXOVPid14KGmx58w0iS9nvV1bnO0NRxtPhoziPkuXarxj1tzdxX_ox4TjYzMEOzar0PcQwMFJLgyFj7y_Xqm8KiX0EC11CsSxgequym7803-l6dNvekMlIgAuC2Qu-NPpNxHwdYoOKA9c-8vuyylgYSSE-_ICPrjoixioIDGJuBqSefISJNMxQ82hmTX7IYE_KymT209QjjYHfG4zzBm5eQl1HEqEdCeSxCYb7u1vg5P66lt77heXyvltLg7D-tvJn5QOZnbEX_RDGZnDW28nUq83LOOOb9NDWAi_nA6-D3gW1rGIPXDPnM2BGaqhhVSPJrv7USRs4mNMNMveHwGJ02s5bIwZOvWrkezgwNuxNTx1g6lb8DDvQD5apjbI3LTg_qYlSWRtGwlq1qOOJCn8xxUCN1ohH4G1eMYkVowT3gWItmvLdropxM0u-b6jvj_tAT6afLqlPXMJGEmPb_U8Ta-yG7o80oy9UVt_yvjcUdRvNPqqHtQqGfnwJOVYrnYJ1eoQLqguzZ_Y__pJ-ytxi_4mSm3Qva7Lik7FxJMiBnIbp6UODA74uJp9SmUs2jEVRUx14eIeyKlRWlOsRD7IOwAk03q2QvRsyHeE6FRXtd_-M3qr1iGMtmvac5iMcjMUoyRdrxbAD87kL2bBE5kH_1qCyhlqE0UrIr47Q2GBuEpudUQXPT1YmTwV-o17825g2UDo-afSI2Qs1u_OthSOlQlpmXYR4dsL75v3NazQvpmWQPEXzDI1Npfji183GN6tMgXj7Uv2eRPNrkvQ_LI448bPHSIvC3Zipl_h4faxjnUebaxvbbGeAIzv-oFVnGEVSbY4yGuKLEGwZ2WPl686QgUHO7QiSCFJ3m6IS04xaSUmQbA9LTkiKObo9096oNPnqEa85eaIxTg6eeSPlL38vjptoWGahBPD6brfpCv0285sLthhYErKtAW65tAcLofxMzo6WnET-LKO6rKffCFmUKa6ZZouwxPGzs3kPKHOl9VkJ6Z1vJm59_sPin8KqdJxIiBijjZns3GwAUCM303WG8PKL0kh9vbpfI8iSD5Ij_e_fxAL6NM8FikzX-KpIBEpu34SAltFINJV9onAQWz2XJ5mqZ97xUfdhsBbIvlZGnzjtJPMHoJcb1y9D_DpP1tZrM5zCwrvdOAA3sbso8__NXMiRSECq8PjyLa9LmxCxPuCy9kQlJ3JEWaexuwNA8Tzo836FMES4ZDDu1oPhvdTbrabUQMHv1hoMcFYjYi7ka4gn2E6F7pMxpU6UU7BMzlXsrdTkpig8mJLet3INeVjtXhU1R75Sh2ir7zqh1KgwIL_8OcriwEFPa8h2hvam9h7ogqPFL-8s1sB0SDyfC5fCffiGqxjQw_mpXqJT52W46mYCKa6bsgpWoCj6D4y8CvnSWx83ljyozgR2nfjFRuimEuWEzB480W6rxOsR8i5CNyYZ0UlEbGEdGCZ_RLGx0IMPiASteB8XJBagWknLv5vHYMulfjNsC_FhFPgxv78vJF7NPBwaQQgAEj3kaBWuzHEGmxgW89L2igtcyA-uVycyadDdDO-wUE5bAU_LwcZlBgH7uVUgrAkOm15IRfWFck6YLujtd1DaYAE
Requested by: Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.219.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fd606387c639b2f58b245b2955d113fc034eb78cc6ec43f361d58a9acce019dc

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:31 GMT
content-encoding: gzip
x-server-name: app19.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 2FCD 2 KB
1 KB 21ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Jun 2021 03:08:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FCD 119 KB
36 KB 27ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7df3462f83fb056fb3a63ae58b58146ed709812948fc954f09aede85bcc1e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621855623965245"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37215
x-xss-protection: 0
expires: Wed, 26 May 2021 03:18:31 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 2FCD 13 KB
6 KB 20ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Jun 2021 02:37:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2FCD 0
0 25ms
13ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThD1igM-RjV6px2iAkAnxJ_H37DvA3Mgwm8KPRWbBfaaxIt0nwhklsvd200467PE_ijJpg
Requested by: Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4DAA 36 KB
12 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 3388
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Wed, 26 May 2021 03:22:03 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8354 0
575 B 109ms
39ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtZVlv_F3onDkuvaGGOlma1txRj5GsEkhGmLts0juV49865IfUUYv-ik_Cc2dkq2k3VHQimIU7jhGZNg41yVTIJgPV5xNpF7bVcHvYI5Xc2Nb_mKtz69Rv9LhnjFXmW0ArbRZO9LfLHiVDTEzUo5xtet-bup3owG3hD19Pqy7QHezfQXmK60IL3YM210_QZtNf_kFuMjHMfXTgJ7_D3v6Lu-LkJndOTGA-_iwM66LiyC9dSgSdzwyxJ8B6L3X7FMeShGq51snbeRDkVLv28de6o3fIwZnz_sFd1g2vpJ4t2bR0xs1K4WQ3C5gqiShVbXBG3f2wNPKOP4wkzdHnogteib2-Lab0N_XFF-GyL8NAix5v1Bxl2QM_wsmiC8OOizvOIzm1QPAisuBu2WolK80hlA_-uc631rs3cXvstFC0Ov7vik5CQa19EydeJNdqbYTVHMQ7P4O5SHNtHz_M7ctSm8mVd0fzKzWJ3jK54gLYkeLWRjeumC4K_yFgOZwrxFiLOmSdjA-y9rKX8mnBa04hwsqNwRVybxcNs4yKExsUJqr5SMLyIDIENQHbTmTXDfKzF9WC86bi_EFDwMxVLtFHDGanLhVddxgvoks84Bfo6nbb_U04PNN_4LBv48uTL9EqHNcyni8iEnbiNg4RoTO694d1VUjBgRWDooPjCnYkbfC30RfxFmq6o1tSwMV7LRbw6suCVXZNm5Y0dOwTPQWEnVZUszx3blPMLD-eHVvRRbRTBx4s2F9iJ_O9PzDG4wMmRAaNHslYTpGuK-yhQdKTebIKWd8Z5u0tTrJE8IYSHY9XyXIjUzh7ioIUtR-NCrOgtgUgTHADXSKzX7B8qXOgBRO0YPEqmLhoYlVTL1c_n6Yzz2P-zbMcQAKhprQHCWOgry9K6TDHYG47B8ZP5zhFbnNZemJfk9aLGlwgvumIzxHKm34pjj7SjL1F1nvsQ1i1wM_cSuIUKA0ZaSBI2fEkI1Hd_wJem9HYiBcjur-g0_lelP-vZzfr73GZjFFw_uOJkgheYnIUtvatlI-uw8jXNGbFQU39IbJzbjbjjzTBXMim9weif900YbOrlIXMaBD-EqrDgmoFAFu2KSf10GeBP_GNg8ek2QPlTrknUKhzR2cW_FlwqSpEMOsRzPrXMv-h8ckJJ89bTtPJxr43yg&sai=AMfl-YQNof_kxqfsD3V_Po_i3cJ3dWugwT9RxchdDCeTrNOs-BN-KMJlGEPoNOQbb6lsW30bbxubBn7eYvaM5aYIVb4zHCjVF0NjPDic2Yeky3pBkv6CuemL5O1Jxb6zYv-byEgmUXlhXOgsp6i9nLzSKrOhnJp2EHPGnIZmaMmS7Rl-WbsojOgKr_8y3vjM77DFV7Z4bJJBUwcXvWmfvVeuZ4KXmdBRNksH6nQECAzrhtCoLT0c0G0vmYKk57jtk0XD0wDrZd99-G-A90Mj0SldrsO5kShv2rjLtNqnSGOvjCJrMGdYWkV6iJAJumVHa_HoZaPgUNAAFVjCiNXKsEyDb09d5v0ziYKM3NrHick02AtoofcNmqBzhIm7pDk0vyI1_A&sig=Cg0ArKJSzLyEwealAxjaEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=548&cbvp=1&cisv=r20210517.42713&adurl=

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 26 May 2021 03:18:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 12357380912829625462
s0.2mdn.net/simgad/ Frame 8354 12 KB
12 KB 39ms
8ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12357380912829625462

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c212c3df3e7e5446bc8caf716f126f43fc09788db0517a17e0ab4c629d7c30f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 06:11:25 GMT
x-content-type-options: nosniff
age: 421626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11806
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:27:15 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 06:11:25 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8354 41 KB
15 KB 18ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 08:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66044
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 May 2022 08:57:47 GMT

GET
DATA 200
OK truncated
/ Frame 8354 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35b309235cea3299012113e5f6e763036394a5ad4a43a77c57c0aea998bf3fe2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame CE90 170 B
506 B 78ms
34ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ25-HuQIYrri8oAEwAQ&v=APEucNV2AXRTeR2lvYZyyUD8JmOR8B_l3HurrplP3uMQ9gXJVLIAabip-HEhOQdv38sIxMSf6hj6zVxXY9k4W2-IZ-PmJA2-Lw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CE90
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1

43 B
1014 B

47ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ25-HuQIYrri8oAEwAQ&v=APEucNV2AXRTeR2lvYZyyUD8JmOR8B_l3HurrplP3uMQ9gXJVLIAabip-HEhOQdv38sIxMSf6hj6zVxXY9k4W2-IZ-PmJA2-Lw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 May 2021 03:18:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 26 May 2021 03:18:32 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CE90
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YK2.CGrru4Qc-8VyIeAliAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1&google_hm=2

43 B
894 B

33ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ25-HuQIYrri8oAEwAQ&v=APEucNV2AXRTeR2lvYZyyUD8JmOR8B_l3HurrplP3uMQ9gXJVLIAabip-HEhOQdv38sIxMSf6hj6zVxXY9k4W2-IZ-PmJA2-Lw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 May 2021 03:18:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 26 May 2021 03:18:32 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 01B9 478 B
253 B 25ms
16ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYxsa3mAEwAQ&v=APEucNVMmKqWVxxq7wafhvDrBS94NrTDO23-yPh1b3jyEoXRBjTq8iX-N8-Xq7A9Miu6LEM8crAcUT12OtJff_EYEOiUd0UFPA

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COjuwgIQ1_mTogIYxsa3mAEwAQ&v=APEucNVMmKqWVxxq7wafhvDrBS94NrTDO23-yPh1b3jyEoXRBjTq8iX-N8-Xq7A9Miu6LEM8crAcUT12OtJff_EYEOiUd0UFPA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmAv1nIlhAWSjsbpQKdNdP5L0c6zm4y9X6dcxgPj81DCX3A87LCa-01XHiCvH0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 26 May 2021 03:18:32 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 May 2021 03:18:32 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6D06 24 KB
12 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGAH9iUeQdBsUifXMFfvUPAJMU4XJI0sl7m2xZb1BB_ip78EAQCFOIbEdITI4BeHALZt6ff0TZSqKPA4pxhLI9YURiKXI-uLf-iFXPi5QmQHrqbpoM8y9khWduMTwoyRKbYkZZl71urxvMdR_iSBeOvi5q9Q&cry=1&dbm_d=AKAmf-DbL2-Ih7ImI9QgSibiSoTpKvURR0OC1decHYu5Eo6wMVaNCUqjVbum2HyxS37mcJZtOPXb5L9iVpjmFSiMXK96EAaQOvKW-UM70d8cszfPp6HGlYqRu7FpvgmASGeKVlmGnnEVv8AY6a-VzdfeOKR__riyw1I5Sjaw1d7JfbeLKb9OJfCMwb_fnZ70ebL0u7YX2U_jmjsEblsOvUOROhtnf1d0lR79oQr2kOycNt8BII2bfMx-L2vh7AJlAGxBcNSw-qjYh6owr6O0HzQrDyEDeIKywY4nbOkvbopuLUBniaG0NnuOc1FBETbEXzKtPbkvdHyeztXX43_i-mYlbtGW5rLjE-gwL5nPWwGmr6QaMxmB5m0C0V0pCtKkOPmcflUWKyrBaIwymCvGKXNaXLwihNjkZhZ_c5KgXCqA4fAWoV5TqBjGfbG4eMLhUxWGhaWT5o2pJW-6dVRYYmQ0u0wnfmDsyPioFIROkovxWXI_QQzuRlHPRRXYkCSk1BVog-5pTSsBvVWuEnrn0Vo6x2oATq97iQERjTwdah759KpjwJIfi0DA1NuPxg4V5g-rVAbGO4mgK9CtgWMS9AbTubKF0i7b0oyIk7R4tHHcvz9Wi87Wkdbq_20Yhfvqa1BS36b9ITRrxbyjAOgSRIzOINRl9TcUjPyyznasC7j8Q5_YypPQJ0H5B74Yp-ytkf_uFqunEuuMw7csJcHzVtJsoDkckyIaeixShjgOY7v5PasD-P7lq2auPGkfOLPMQ2D6NFFkVZ77OYcx4w7n5GxGQ_TuwtCyDsQEn0HLHBBl75w-FKj4mytc9H8k_xm_Yy1gXW0DU-1Ti9S-X8QS0yJoQnQgJZMAlDX8AnxmljSXwVRMup8PeQzrqtoN74DgMcVBVicXmtjfParpV7-Dk8l0R-udKVBC5pb6w9xyZ9xXvXdE-nq74kRQ2gYvM6ckT6Nd7GfbaZsdFJZNK7c-iV3aXhuWG1qfdWwIl9hAxrXTWleYLMZL95xIityKRQeFZCCQDIyA_5YVAgUurx9kvA47kV70Ewm2z5yjfg4bbScodJ9lk_MHwXUJuz5-bAaeeUoHP6lzayqceQnTfzk5JoVVcu8H1vqe9hOGP5teIbilom5M9uvhR_ErJWqowGAefVif5uuA0ZioKNl41xgR-OnF3BqgjSo7t5EnweTVzy9vx6RlbUj8qzI9e612GLRNC7PYsjI0FxeJVCskgCX9dW8EK1wf9Vyr_f8bz8EmlnjapLE-ppry6tXacPYlHTXldfnL7xC2DdoeaP3p8ej_bXEO8POrJTrOD5TmZrvWLN8iSn4GHtlNIl26q0w7AphHtxMXumcWuWz7VbIQlxNnLGaXGr7fiVX-tX_ISJrD_Ypm9qeDV4-LDCbqdJI4eIsjB56IhADyxQLCdeRZUT9BcfMyGUgfDHs7BNPIxvOMZTUgopkTLOT0w9Cr8eWxPjlBJ1naDRZBrJFm_2hWaJxXo1ikZLMBlo8yp_KhBCxloJ1WHBciD5PNwmT7F9y9vEISCnEbvim76gT4SDNafvolRlrQCSS-ZIGfSNfp1R3XEYgFz-Pluje4A5tJ_Mzrp5XyVVIhQRFVaMokgs-uhjUjKiqUnZuM-eaU726YkOWtOzaqslRsCrpJg5giMmV-zOYG1w--hbqqdk7BzS2ld_Ph87dmbdsuiR-7l1E8TJpooiXHRE6u1lM9KP26pg0S1Vel7IdqEqKBxU7PK5gLmiZcQcsJk3EwppIqJ9eyhK0NO7ioch_HD8kehucFYopS1lCwSVSYcVxYtOZSEHxi5dPbM7EF1wmshEZmnshZPXbPjT0EV2gTWo9huphyYZv8o7EEXlrUwt8QjaQOABd79U7WXGFSeHqXJ76-J-HRmP164UQtgWpQGzuwcH9lgEP3xa8L-VEvDKgJwMjcR8T7gcA_tTCFtOtjFciK8UvE32Y1VjJZd2fR3qjgJCxNacpkK6mNNevlw2km7ivwAL17TwdorJIypqct79J14wcqsWzTZGmf4-C_xrMHpTyfcy-ZBrdX5vcCNO6TSBGBnGTnvlWYmJ0p4Z49Uu9RjjpkIZTT5qA_mS9fQJSBWz_Jhkz8dF70F_kUmQHDD6qIM3BKRLJpQktW0nGGI_b8j-BE-RJ8UlA21HwTwc3uZLqCjvJNXKLU2Fm9dDjQaDoYbIj_Sv2DNKEzGZjyaQmjmoNLf6zGC5h5CoQZEVJtDPywAdvLJ6_9x6LJBaiWGIpkNUHo72wRVPkWVRAB8vIcYQEj5Oewbey5xj4bT9VCKcO_9EjxRTnx1-Qa7sahhIrc_U8jcPgFKLzqcFHbriZwJTZuA9C4IirX8AyekFadI7JTd96VLWVUVouSowAqrRDD12vXt12xRY-RoIv5UeDb3IBScc0uYZw5llv3ekBgLr2vawgEj-yyUHt8RGsVRCwC3ac-gsqUp8dZfUkpmVqQkKrRj-rog2AET4JCXGexA4NcX_eSptOmgfXqJsINKZs1WYTg96yQtZH0BFM3O5E1fh4kfkS3hlLtZz3DnVXeBOujkM2WEws5qCuSUR7FK9WHIab9Oi6ZhextvuYqhUH9hLxa7-RMCDam9XIrX4tkTe_NtmxKLLT2O6pPL962xY6WTUOadLK5GwgPTcCP7_AOaFnL9mQPiQaxe-60ukQUK3dKh8DlJ1f0bqz7KcL45yuvOauCdWsEqqQSTVONVqNhVorY6oS_AfXUZT7e2Qht33fk0DfYSWqHtasyk6PcweannJs8ROmBaazO9_PKudlPBooNh1OvhAfAgOODOhrE9R-j7y55UNjche-8O5WjJPoBpN2eeW3peA8IbICZj_-jxlt9ZmS_KZ3fHG4M6jg3iaO0NlSvl78U_L4MJiXOLmPhqRwtJMOwBwl4jwtMqPBizFYcnBH0UCuuVggfAjxElQvh9zU6kCHLzFP-UhXuhmAzchhsznrvCz6VZaFIAd8MAZ3_Y8nv4CQIYgh0bGlSv5ImBIocm6RCokSnv75-EQoFD1tNzKb1GjAKUpIonWB_bnXPXlJorVje6n1m4bmHIJMRKx_rwJ6v00qiq51aH34odJRC0iMau32rAnBO-d_No0By3gDbA2ZW-lJOLUzMBY2Lw0Zh3B_fsJqb2rNjaKdXjIdI9lehPwbRNnkrMjCDBUYj5sfCfQi3OMMLfy8RvgNIKonthEvoHo3lsRmy-UXhyggrhKns2jUPa1LHWBsJpcYVq886xyIdhpKHHjZnLpwKtx3v0EuSGDOQ9bmJXO_FU1VFs561OkRByMs3N7I_iAI290pSy0EhgWyjfegHeheoYBBiVdT3zI9in3PtXXwRmuBYWV3vcY4GwETW7wxls2gYknTf_QzIL6wIVYAps36XgG_pOH1JR7b1jV7tq46Lvy6zmEW6Nuv63-Givvom5McnhLaEQJHLGw9K8ZZ4tnV2urx1S--VQNMlji2o4FqCVEnPGTaIRMkyuBiJNSa9lH7aNEt6EQ_NBe3qdo27M-cGaZjnH_-veNqjK-IJpp1p3aHCUsS6tT2r1xVmIdxDKWu_9Z5SDfKLupC0qdeh8cJRd7cLCChDqraEZgkLrSYWmSlufhxM8DkyalzJNV27QKQbP-L5IUQ_zSlThMaEEoI&cid=CAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f757d30328eecfe07e7a011c472595defefb3d9d042f56796f9730a60e9019cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12216
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D06 42 B
63 B 16ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AF9LdKx1yjGBueb9iCYCOgz2NsAEfVch-iUSuj2s8nq1yHsd8qIdzpVbkogcYuQwn4obtBOkBUlLJobLmoiYq5SVVj66Bjz9kNLa74tvG5HkPWieU

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embed.js Show response
live-tag.bannersnack.com/iframe/ Frame 6D06 2 KB
1 KB 78ms
19ms Script
application/javascript 99.86.2.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.bannersnack.com/iframe/embed.js
Requested by: Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-13.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b83531b52ab388ca2e41c92b3e5916127ed04b6286cbe1192c802640beeb078a

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 07:25:08 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 07:39:56 GMT
server: AmazonS3
age: 71658
etag: "30f5e3d9a15d04b0cd044a5a807687d1"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 960
x-amz-cf-id: YMVOo0wIOgYfm0vWw9O3RZAPY4MjaFhlTn5Ju2BLtQhKDVHvkrDPkQ==

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 6D06 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Jun 2021 03:08:22 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D06 119 KB
36 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7df3462f83fb056fb3a63ae58b58146ed709812948fc954f09aede85bcc1e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621855623965245"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37215
x-xss-protection: 0
expires: Wed, 26 May 2021 03:18:32 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 6D06 13 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Jun 2021 02:37:50 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2FCD 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8oodJ8Nuf7aeJXEDHUlUbI50EQP74srFbVNUykMjAxm2F9m9w8C8DKU5AvYJ10-1Y74xNClhwaqRJy6cZC5q1VurxaorNfYY5DPeHdEpkipVedgPG3zXXGjEKz2VcIRDIP0DYOd70-vV-M10EIzSqhIHivw&dbm_d=AKAmf-CezeqLdThUyyHBQ1-VO3wIQ4o8lLQkgXrFLxgBEpaXOlqU-cN4EF6RLo0HsN7llFWmiXX7omniTKC3_rvAlxV9oaXIdge6cTm1u7qxBwWletDAID3bHQ0WwH7SE2EQw5qyTC7g1laJI_cL14NSJbK75H1I6B3bkQmbWDJk2zg2cAkQXvf4n9V16m2xqyN8BjxKQJSaxt1m-OJcIewMZDFBWKKHEZpXCtAbhoHSq4WMbdcrN8CCOi80MFMFOjLrsoZknpCO4EZJXjru59JGc6-lgtLBPFHyIQ-fHCzZkH37Q3Z6uI44aK9x0LlY8Ma-QeM6qZsccvGCzDH0mgs7LDkoWQI5rz29zPs7BllBMVTPOw08Twtip-SiUdQGPRJ50ZGSTV-mM9r-V-BNGBxVm38U2WsREiX6Wsh_6Z2YLWohAiGoEl2hsp-6om072DguvukDbfY3-BMf8BuQgvgc5792UyR_wwoy3m-3BdjnTfc6kxpQwYCAKYar8oYc4ssnjjKsRSauiwER6QiCcRVxFX0TTSG8958MQ7IZg1Mgm2MVfdQrLvNNHZPhBMdL_dUa0IUZHXKSsN9QWuTp5TtjPOdgnWxiVb50aPgFPe1hSE8TU6gW6907PCRJMYJvm0hItKRa6XXr7Q9TOjqWC4spZ2h6sCNPjT3MmAoEqnj5FjBPQaKbuqyqpa3lHdpePuH_W_PmUvPAuQpgUwXQR2O_CbyiAEmTr6-JkiO0xlaGzM70SCUlBt4jaD3Jq_Dy7SjYaxqd8-4WoqbANUvGafyE7mKYb-uu4P6ZNEv5fIt7YynBMo_uWXLH4S5pATCZlCBGXJ6pSFGjr6WRks326HycmRkw_xjm_wV0Jxj7Y8CSicfXTgHtuXtlWhX0oumi0jLKj8oD1AceL8bKgXzowPl63JoUCpX7WXYftYlpMcfMxNEAOb7weuXv2FxYJal0U5m-p47PNK7j0hYBQ3DdqoKGS7bEsYTsZXKW4LucqjNXEr7abM_qpUAuIVyk1WKIJtPWfBwnPjJAalNEPZzIZVPf3MrtqgueyXQQ9zj2vqvg8T0FHYuDURC-d8wxKgUWfNEuSORG7jkKOS38frAeSnsrkvAF3JTpu-MeK9fHbtJZ85H0vZFBGdHevArZkhTp-2LgXnZ7IYkBXUbndnmRO1pfat-hAUwnsiu3m5bWkVP_mh13Kz1y-quOox856AbvWDHLIZeg_JkKEKFLd07b3UNEIv6PWlCXixKyTiiN2tBaLJbQ12vdhBB0hhpSVZe5SD_xZ_D8lW0MOw_vIkTwxy-Zwk7WH8lG9obPz0y_kfe_c-DyNxOw-XOylyYSx7xw7iKUF3yT2KnVDpBw2B7mVB5aoHumV_LXAlvd09ze13-bJUxocuFmlOoLzHaeFWqoKMx12Sa7sHXATVYyh4QdwijBiaJFbwkoDnbMYGNccQZ6Jh_HaJlNKU_lLkRE29QZ_OzVNjQ6hp4nTyDetnlUCLBAoZYGQhcLjPlE2wOzstbQywIneb12pKv3Q5GAVq7ACc40v5734Vs7wf9Xodc_BjFWEEyAAwFQ_24Lh505uBlSaAzjTNwfUEpxl-LGtnG26-MudWmFXwzLSYspFFGw43Y4Dt24fVqxc_aNXzo6bPl6MMZzmh9D9bO6Pp5fFSei6VbTPDhB8uPXs81nKcyP1rv627pDMBj_xNZK0VUEWyLlwEtIri5mGd3H54efr0-Vn9Xh0CZNRpbPMOnHr3o4m56H79ZVRFn-Il2R-MZYiyWHfqtv98EYSDYG59lwVLsEMxLtJlck-dBR3VLGeNG2T78JjYdxnbIZ6WKM6_5i-skWYZ5albUzLXfwAILwbr7PzQhs-gV6rBu93LdpFO3hZmr-EAUykWBeunZP1OIy-adIYiXE3TvxCUMh8TzEICaf_v5tobA0SkyC7CNwtVhL8Jb7THldNaWJ760YahUh1Pt7n0-lQb31cZMKGYyfmsU4hRnPzvAoxXG8GDqrw8lzuS4pLgu6D7W2IfYqiA8YmY9VY4SNoeIXJnjiuL1UzA-_83xzaPVcRj8e0lNrd7mUhf6Bp3_Pmuml8-sHslqcLaYQH7R0ju6GPsl6f7-HkYqNpZU6sE_9xeykmSC5K7Mq4azfLCtbp3k-trCbJ1B_8eQPpvuUxdLNZh6sBALglGuA3ce23F6YDgQ6s_Ams64OpYng-9JIa4b7-_H3Q_7m7PaZ4xd-PFi7bQ4nbxyXUhR58LzZu1Hs53YK5vX3XS0A7KHh39SV3ldu0cN0QxF-thMG3lbzavMSVRNNGMWvPdjB_BdG896cXlHLuTAjBUH7mMtHWG2h3Jgw6_J4OJ1UMyPI9XFICTyZcKhmAp606S9082a0JZTouC9vF98_oozx42ptmbPx51nxbEkS6tnEv996gxs3WLkyjk3gWnJwMm9H5BppKJOTAL2hSU_1kNQOGKdFVRU_0nswKpPUiH4dklZabRkji83srUgfkl3_hUt-KFOxMdgkigN5Jk4Bv_jsGmJRyuZSf2eXV6C0aPJYIRpDZ2SNDxHFARqGH8qSVuIMl581twc0oKmwvspvWD4xkoOcRLK7K2raIU40tAUz-oj1PGD4na0eGspSeYp7VGd0lLQrzwhGWWKZ7Tg0N8ILizVY30XZ03J2ZT30ZbHEy2I3krhw_MiQcWNS_o93g-pjyBwJVzEaisok51NqIyIQ68kfp_CJKz3RW3YYlYn6UeGPNtx51qiJSBjtM1EW29yY7TtkNex4iQFtSzkd4Z6VFUjYAid-Nz5Xtuw_KhcF84U9TQW4aDIWECpZkjCePgsSBTY9D-CUpUqs&cid=CAASPeRoFa7McQabGBbz0vaKC1zID65XJzJp0N0M77BQTlsBT8vBxmUGAfu5VSCsCQ6bXkhF9YVyTpgu6O13UNo&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 08:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66045
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 May 2022 08:57:47 GMT

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 109ms
108ms Preflight
application/json 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 26 May 2021 03:18:32 GMT
x-amzn-requestid: 92d0813a-8945-4417-b64c-d192e82a2a1b
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: f6qhUFagoAMFtnw=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: KKQIlr5ZKI5gILN-1S-99xITCXQziSuusFClCb92l6qDpAm3gf2phg==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 420ms
420ms XHR
application/json 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: / Express
Resource Hash: 35af778414c5f2b45dcd4cfebe81b2cf74bae719ebb1987e0225c0eb4f6ac9a6

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 May 2021 03:18:32 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
etag: W/"541-SBGoCtftDT/lYH9IW1a5Hy+idGc"
x-amzn-remapped-content-length: 1345
x-amzn-remapped-date: Wed, 26 May 2021 03:18:32 GMT
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: f6qhYH3foAMFatg=
content-length: 1345
x-amzn-requestid: 4865b7e8-222a-4344-b550-8c93091ae14f
x-amzn-trace-id: Root=1-60adbe08-3b43ad5f68d093b92d360e87;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: 0rpEVc01SyuyjcTTATCQesznFKlSxL-Cp8F-pLgTILAF-zDG83aNag==
x-amzn-remapped-connection: close

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D1D9 22 KB
8 KB 13ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 25 May 2021 08:57:47 GMT
expires: Wed, 25 May 2022 08:57:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 66045
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 68EA 170 B
188 B 50ms
37ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQ3MDeARil-IqdATAB&v=APEucNVpffC7CKCEkED2glZtBa067ICvG8Bl3d5cXaOkHFP8P3zoI2viqUnvcD7o0iWQIEyxPwb5xNJ7yk82kmfqsBRfHsJi6g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 68EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1

43 B
894 B

32ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQ3MDeARil-IqdATAB&v=APEucNVpffC7CKCEkED2glZtBa067ICvG8Bl3d5cXaOkHFP8P3zoI2viqUnvcD7o0iWQIEyxPwb5xNJ7yk82kmfqsBRfHsJi6g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 May 2021 03:18:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 26 May 2021 03:18:32 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 68EA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YK2.CGrru4Qc-8VyIeAliAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1&google_hm=2

43 B
894 B

30ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQ3MDeARil-IqdATAB&v=APEucNVpffC7CKCEkED2glZtBa067ICvG8Bl3d5cXaOkHFP8P3zoI2viqUnvcD7o0iWQIEyxPwb5xNJ7yk82kmfqsBRfHsJi6g
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 May 2021 03:18:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 26 May 2021 03:18:32 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 6D06 22 KB
8 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGAH9iUeQdBsUifXMFfvUPAJMU4XJI0sl7m2xZb1BB_ip78EAQCFOIbEdITI4BeHALZt6ff0TZSqKPA4pxhLI9YURiKXI-uLf-iFXPi5QmQHrqbpoM8y9khWduMTwoyRKbYkZZl71urxvMdR_iSBeOvi5q9Q&cry=1&dbm_d=AKAmf-DbL2-Ih7ImI9QgSibiSoTpKvURR0OC1decHYu5Eo6wMVaNCUqjVbum2HyxS37mcJZtOPXb5L9iVpjmFSiMXK96EAaQOvKW-UM70d8cszfPp6HGlYqRu7FpvgmASGeKVlmGnnEVv8AY6a-VzdfeOKR__riyw1I5Sjaw1d7JfbeLKb9OJfCMwb_fnZ70ebL0u7YX2U_jmjsEblsOvUOROhtnf1d0lR79oQr2kOycNt8BII2bfMx-L2vh7AJlAGxBcNSw-qjYh6owr6O0HzQrDyEDeIKywY4nbOkvbopuLUBniaG0NnuOc1FBETbEXzKtPbkvdHyeztXX43_i-mYlbtGW5rLjE-gwL5nPWwGmr6QaMxmB5m0C0V0pCtKkOPmcflUWKyrBaIwymCvGKXNaXLwihNjkZhZ_c5KgXCqA4fAWoV5TqBjGfbG4eMLhUxWGhaWT5o2pJW-6dVRYYmQ0u0wnfmDsyPioFIROkovxWXI_QQzuRlHPRRXYkCSk1BVog-5pTSsBvVWuEnrn0Vo6x2oATq97iQERjTwdah759KpjwJIfi0DA1NuPxg4V5g-rVAbGO4mgK9CtgWMS9AbTubKF0i7b0oyIk7R4tHHcvz9Wi87Wkdbq_20Yhfvqa1BS36b9ITRrxbyjAOgSRIzOINRl9TcUjPyyznasC7j8Q5_YypPQJ0H5B74Yp-ytkf_uFqunEuuMw7csJcHzVtJsoDkckyIaeixShjgOY7v5PasD-P7lq2auPGkfOLPMQ2D6NFFkVZ77OYcx4w7n5GxGQ_TuwtCyDsQEn0HLHBBl75w-FKj4mytc9H8k_xm_Yy1gXW0DU-1Ti9S-X8QS0yJoQnQgJZMAlDX8AnxmljSXwVRMup8PeQzrqtoN74DgMcVBVicXmtjfParpV7-Dk8l0R-udKVBC5pb6w9xyZ9xXvXdE-nq74kRQ2gYvM6ckT6Nd7GfbaZsdFJZNK7c-iV3aXhuWG1qfdWwIl9hAxrXTWleYLMZL95xIityKRQeFZCCQDIyA_5YVAgUurx9kvA47kV70Ewm2z5yjfg4bbScodJ9lk_MHwXUJuz5-bAaeeUoHP6lzayqceQnTfzk5JoVVcu8H1vqe9hOGP5teIbilom5M9uvhR_ErJWqowGAefVif5uuA0ZioKNl41xgR-OnF3BqgjSo7t5EnweTVzy9vx6RlbUj8qzI9e612GLRNC7PYsjI0FxeJVCskgCX9dW8EK1wf9Vyr_f8bz8EmlnjapLE-ppry6tXacPYlHTXldfnL7xC2DdoeaP3p8ej_bXEO8POrJTrOD5TmZrvWLN8iSn4GHtlNIl26q0w7AphHtxMXumcWuWz7VbIQlxNnLGaXGr7fiVX-tX_ISJrD_Ypm9qeDV4-LDCbqdJI4eIsjB56IhADyxQLCdeRZUT9BcfMyGUgfDHs7BNPIxvOMZTUgopkTLOT0w9Cr8eWxPjlBJ1naDRZBrJFm_2hWaJxXo1ikZLMBlo8yp_KhBCxloJ1WHBciD5PNwmT7F9y9vEISCnEbvim76gT4SDNafvolRlrQCSS-ZIGfSNfp1R3XEYgFz-Pluje4A5tJ_Mzrp5XyVVIhQRFVaMokgs-uhjUjKiqUnZuM-eaU726YkOWtOzaqslRsCrpJg5giMmV-zOYG1w--hbqqdk7BzS2ld_Ph87dmbdsuiR-7l1E8TJpooiXHRE6u1lM9KP26pg0S1Vel7IdqEqKBxU7PK5gLmiZcQcsJk3EwppIqJ9eyhK0NO7ioch_HD8kehucFYopS1lCwSVSYcVxYtOZSEHxi5dPbM7EF1wmshEZmnshZPXbPjT0EV2gTWo9huphyYZv8o7EEXlrUwt8QjaQOABd79U7WXGFSeHqXJ76-J-HRmP164UQtgWpQGzuwcH9lgEP3xa8L-VEvDKgJwMjcR8T7gcA_tTCFtOtjFciK8UvE32Y1VjJZd2fR3qjgJCxNacpkK6mNNevlw2km7ivwAL17TwdorJIypqct79J14wcqsWzTZGmf4-C_xrMHpTyfcy-ZBrdX5vcCNO6TSBGBnGTnvlWYmJ0p4Z49Uu9RjjpkIZTT5qA_mS9fQJSBWz_Jhkz8dF70F_kUmQHDD6qIM3BKRLJpQktW0nGGI_b8j-BE-RJ8UlA21HwTwc3uZLqCjvJNXKLU2Fm9dDjQaDoYbIj_Sv2DNKEzGZjyaQmjmoNLf6zGC5h5CoQZEVJtDPywAdvLJ6_9x6LJBaiWGIpkNUHo72wRVPkWVRAB8vIcYQEj5Oewbey5xj4bT9VCKcO_9EjxRTnx1-Qa7sahhIrc_U8jcPgFKLzqcFHbriZwJTZuA9C4IirX8AyekFadI7JTd96VLWVUVouSowAqrRDD12vXt12xRY-RoIv5UeDb3IBScc0uYZw5llv3ekBgLr2vawgEj-yyUHt8RGsVRCwC3ac-gsqUp8dZfUkpmVqQkKrRj-rog2AET4JCXGexA4NcX_eSptOmgfXqJsINKZs1WYTg96yQtZH0BFM3O5E1fh4kfkS3hlLtZz3DnVXeBOujkM2WEws5qCuSUR7FK9WHIab9Oi6ZhextvuYqhUH9hLxa7-RMCDam9XIrX4tkTe_NtmxKLLT2O6pPL962xY6WTUOadLK5GwgPTcCP7_AOaFnL9mQPiQaxe-60ukQUK3dKh8DlJ1f0bqz7KcL45yuvOauCdWsEqqQSTVONVqNhVorY6oS_AfXUZT7e2Qht33fk0DfYSWqHtasyk6PcweannJs8ROmBaazO9_PKudlPBooNh1OvhAfAgOODOhrE9R-j7y55UNjche-8O5WjJPoBpN2eeW3peA8IbICZj_-jxlt9ZmS_KZ3fHG4M6jg3iaO0NlSvl78U_L4MJiXOLmPhqRwtJMOwBwl4jwtMqPBizFYcnBH0UCuuVggfAjxElQvh9zU6kCHLzFP-UhXuhmAzchhsznrvCz6VZaFIAd8MAZ3_Y8nv4CQIYgh0bGlSv5ImBIocm6RCokSnv75-EQoFD1tNzKb1GjAKUpIonWB_bnXPXlJorVje6n1m4bmHIJMRKx_rwJ6v00qiq51aH34odJRC0iMau32rAnBO-d_No0By3gDbA2ZW-lJOLUzMBY2Lw0Zh3B_fsJqb2rNjaKdXjIdI9lehPwbRNnkrMjCDBUYj5sfCfQi3OMMLfy8RvgNIKonthEvoHo3lsRmy-UXhyggrhKns2jUPa1LHWBsJpcYVq886xyIdhpKHHjZnLpwKtx3v0EuSGDOQ9bmJXO_FU1VFs561OkRByMs3N7I_iAI290pSy0EhgWyjfegHeheoYBBiVdT3zI9in3PtXXwRmuBYWV3vcY4GwETW7wxls2gYknTf_QzIL6wIVYAps36XgG_pOH1JR7b1jV7tq46Lvy6zmEW6Nuv63-Givvom5McnhLaEQJHLGw9K8ZZ4tnV2urx1S--VQNMlji2o4FqCVEnPGTaIRMkyuBiJNSa9lH7aNEt6EQ_NBe3qdo27M-cGaZjnH_-veNqjK-IJpp1p3aHCUsS6tT2r1xVmIdxDKWu_9Z5SDfKLupC0qdeh8cJRd7cLCChDqraEZgkLrSYWmSlufhxM8DkyalzJNV27QKQbP-L5IUQ_zSlThMaEEoI&cid=CAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U&rfl=1%2Chttps%253A%252F%252Fwww.gazetadopovo.com.br%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8593
x-xss-protection: 0
server: cafe
etag: 3013172215444160546
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Jun 2021 03:03:07 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D06 41 KB
15 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 08:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66045
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 May 2022 08:57:47 GMT

GET
H2

200

passback_728x90.js Show response
static.adsafeprotected.com/ Frame 2FCD
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/314658/52815543/xbbe/creative/adj?p=APEucNVyT8h1TbJboIbuJarnRM2nTucaHYxESoOkP-d-wG_wDelcg9w&d=CnkAoCZ_4KCJ40YWea-EHxuUZVp3_QEy6IPv3H8D-igMH7mBUZIPOr4M6wgU3Ogh...
https://static.adsafeprotected.com/passback_728x90.js

3 KB
1 KB

52ms
36ms

Script
application/javascript

3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:32 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 17:25:23 GMT
server: nginx/1.16.1
age: 133252
etag: W/"696b4c19d35efd706805137a8a4b3831"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

Redirect headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:32 GMT
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_728x90.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame FDA5 82 KB
21 KB 122ms
42ms Script
application/javascript 3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:32 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 1696858
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 81C2 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 25 May 2021 08:57:47 GMT
expires: Wed, 25 May 2022 08:57:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 66045
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1565 14 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 19:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 115942
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
expires: Tue, 24 May 2022 19:06:10 GMT

GET
H3-29 200 pixel
cm.g.doubleclick.net/ Frame 01B9 170 B
188 B 43ms
28ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYxsa3mAEwAQ&v=APEucNVMmKqWVxxq7wafhvDrBS94NrTDO23-yPh1b3jyEoXRBjTq8iX-N8-Xq7A9Miu6LEM8crAcUT12OtJff_EYEOiUd0UFPA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 01B9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1

43 B
1014 B

32ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYxsa3mAEwAQ&v=APEucNVMmKqWVxxq7wafhvDrBS94NrTDO23-yPh1b3jyEoXRBjTq8iX-N8-Xq7A9Miu6LEM8crAcUT12OtJff_EYEOiUd0UFPA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 May 2021 03:18:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 26 May 2021 03:18:32 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIOuDfKFfncWnmD83MslKNY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 01B9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YK2.CGrru4Qc-8VyIeAliAAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YK2.CGrru4Qc-8VyIeAliAAA&google_tc=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKziHxP4VZ3MOODT8t7Lg8c&google_cver=1&google_hm=2

43 B
1014 B

29ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKziHxP4VZ3MOODT8t7Lg8c&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ1_mTogIYxsa3mAEwAQ&v=APEucNVMmKqWVxxq7wafhvDrBS94NrTDO23-yPh1b3jyEoXRBjTq8iX-N8-Xq7A9Miu6LEM8crAcUT12OtJff_EYEOiUd0UFPA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 May 2021 03:18:33 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 26 May 2021 03:18:33 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKziHxP4VZ3MOODT8t7Lg8c&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 2FCD 43 B
301 B 370ms
108ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=314658&asId=135a92b4-e6ec-61ca-1e7c-bfacc748caa7&tv=%7Bc:dGTiHe,pingTime:-2,time:245,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1441,beZ:1442,mfA:1445,cmA:1453,inA:1453,inZ:1468,prA:1468,prZ:1508,si:1520,poA:1522,poZ:1558,cmZ:1558,mfZ:1558,loA:1634,loZ:1638,ltA:1685,ltZ:1685%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:r,w:728,h:90,t:78%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:245,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:78,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B231~1%5D,as:%5B231~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:syu2YFB+11%7C12%7C131%7C14%7C15%7C16%7C17%7C181%7C1821%7C183%7C191%7C192%7C1a%7C1b*.314658-52815543%7C1b1%7C1c%7C1d%7C1e1,idMap:1b*,rmeas:1,rend:0,renddet:IMG.us,sinceFw:162,readyFired:false%7D&br=u
Requested by: Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 May 2021 03:18:33 GMT
X-Server-Name: dt40.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EE23 22 KB
8 KB 12ms
11ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 25 May 2021 08:57:47 GMT
expires: Wed, 25 May 2022 08:57:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 66045
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.html Show response
live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/ Frame F3D3 17 KB
4 KB 408ms
401ms Document
text/html 99.86.2.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/iframe/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-13.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ba16734b204f739291ad671b456538673ecb03becba90d492a5377438f1f30e

Request headers

:method: GET
:authority: live-tag.bannersnack.com
:scheme: https
:path: /banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/

Response headers

content-type: text/html
content-length: 3973
date: Wed, 26 May 2021 03:18:34 GMT
last-modified: Mon, 07 Dec 2020 13:46:16 GMT
etag: "9f150ae51ab44c2f7934cac181f7450e"
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: viPTh_2ArXH1Bl2TZ_2XLh0JfbLpQNeN7VPGGQcq_PjsFcrCAulXWA==

GET
DATA 200
OK truncated
/ Frame 6D06 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edaa073809f6fff199566dc364ddbb6672100d5c4516f519df7ba5db7f60264e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 2FCD 10 KB
10 KB 96ms
38ms Image
image/png 3.250.250.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: 08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
URL: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.250.250.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:33 GMT
last-modified: Wed, 14 Apr 2021 17:24:55 GMT
server: nginx/1.16.1
age: 12868
etag: "b1464a7201f691a1e4cf6fc057919d7f"
x-cache-status: HIT
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10216

GET
DATA 200
OK truncated
/ Frame 2FCD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d69423bf9d71dff80aedf56a2d6ddac6139dbc75dc80e0c5deb7bcec584344f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8354 0
60 B 27ms
26ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gazetadopovo.com.br.mcas.ms
URL: https://www.gazetadopovo.com.br.mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 26 May 2021 03:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/16456377359281620914/ Frame 6819 16 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16456377359281620914/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f65164f5df0bc5ad32ccea16cacea8995222c94e9dd501302a24dfe653d4687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/16456377359281620914/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 24 May 2021 06:03:19 GMT
expires: Tue, 24 May 2022 06:03:19 GMT
last-modified: Fri, 19 Mar 2021 14:27:13 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 4416
age: 162914
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response
pagead2.googlesyndication.com/bg/ Frame D1D9 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 02:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 4462
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5773
x-xss-protection: 0
expires: Thu, 26 May 2022 02:04:11 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2D58 20 KB
4 KB 302ms
295ms XHR
text/xml 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=%2F8804%2Fparceiros%2Fgazeta_do_povo%2Fin-article&ciu_szs=300x250&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26origin%3Dwww%20gazetadopovo%20com%20br%20%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse%26keyword%3Dvideo-auto-play&description_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&correlator=1648786378804327&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&vpa=auto&vpmute=1&sdkv=h.3.461.0&osd=2&frm=2&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3197258961&sdk_apis=2%2C8&sid=9490A4D8-47E8-4524-9254-B5A2D1945036&eid=44736292&url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&ref=https%3A%2F%2Fwww.gazetadopovo.com.br%2F&dt=1621999113866&scor=2163062668451276&ged=ve4_td4_tt2_pd4_la4000_er17.0.167.300_vi0.0.0.0_vp0_eb16747

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.461.0_pt_br.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

9780558ec880072cfd646905e1e3baf8ab910354b7f537f7a6e684595557d9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3696
x-xss-protection: 0
google-lineitem-id: 5681019551
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347846892
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response
pagead2.googlesyndication.com/bg/ Frame 81C2 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 18:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 118735
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
expires: Tue, 24 May 2022 18:19:38 GMT

GET
H2 200 5f1168f467fe453203bf5e94251e266a.js Show response
live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/ Frame F3D3 83 KB
22 KB 22ms
21ms Script
text/javascript 99.86.2.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-13.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70deb9da89eb540d2fa684a9306a1bbceb600fb6e4d83bb348b8d4387fb53efa

Request headers

Referer: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:15:47 GMT
content-encoding: gzip
last-modified: Mon, 07 Dec 2020 13:46:16 GMT
server: AmazonS3
age: 11547
etag: "e9337589164f70d1d2400c1fcce0b739"
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 21968
x-amz-cf-id: MazUeod69ZWRHCX-RqDPtoN_6IPp7M8ottCAh-Crg4oiVnQKuq5OgQ==

GET
H3-29 200 CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response
pagead2.googlesyndication.com/bg/ Frame EE23 14 KB
6 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 19:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 115944
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
expires: Tue, 24 May 2022 19:06:10 GMT

GET
H2 200 587aca0d4396b0d051096cd6cea1ad2e.js Show response
s0.2mdn.net/sadbundle/16456377359281620914/ Frame 6819 70 KB
18 KB 29ms
9ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16456377359281620914/587aca0d4396b0d051096cd6cea1ad2e.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16456377359281620914/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3154089faaf8ff378de339de9cee5e6be03cbc67645e8c61ec0ee8d747a6369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16456377359281620914/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151756
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18091
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:27:13 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 May 2022 09:09:18 GMT

GET
H2 200 user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/fonts/ Frame F3D3 1 MB
1 MB 21ms
20ms Font
application/x-font-ttf 99.86.2.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/fonts/user_uploaded_tdh_cityburn_revisited_2017_400_normal.ttf
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-13.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4231df8fb4004a36075df72d7ab5978e4505c535071e34f37b82eadadcdd536d

Request headers

Origin: https://live-tag.bannersnack.com
Referer: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:15:47 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
age: 3957
x-cache: Hit from cloudfront
content-length: 1459860
last-modified: Mon, 07 Dec 2020 13:46:16 GMT
server: AmazonS3
etag: "c2cfd15b83f82e9b9ce6579f67d289e7"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/x-font-ttf
access-control-allow-origin: https://live-tag.bannersnack.com
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: AoL5M7xR2f6mepQ1D9TfTjfC-a2YCdvVqhGQ59KEURB_40FaAl2a4w==

GET
H2 200 32511a8a930e2f3acc093d38493bad88.png
live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/media/ Frame F3D3 7 KB
7 KB 80ms
80ms Image
image/png 99.86.2.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/media/32511a8a930e2f3acc093d38493bad88.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-13.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7fed343e409c8fed4497bf726aba31f49710aa088b534acd821f188f7bcefb48

Request headers

Referer: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 19:57:26 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:16 GMT
server: AmazonS3
age: 26469
etag: "32511a8a930e2f3acc093d38493bad88"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 7008
x-amz-cf-id: IK_BiDwhgTrI4TD0-_NLzQkZkjNkJs1Iu7PxGg6os7EvbOLcne-mjw==

GET
H2 200 / Show response
stats.bannersnack.com/info/ Frame F3D3 156 B
327 B 353ms
110ms Script
application/javascript 107.22.27.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.bannersnack.com/info/?h=bzplol0q9&n=25&c=bsStats_bzplol0q9

Requested by

Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.22.27.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

d51a6d988d8f649833568ed3caa740dc98e9aa4e50037b7915925a0bab735aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://live-tag.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:34 GMT
cache-control: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 2FCD 43 B
301 B 130ms
111ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=314658&asId=135a92b4-e6ec-61ca-1e7c-bfacc748caa7&tv=%7Bc:dGTj6w,pingTime:-10,time:1813,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1621999114407%7C%7Ce1ed8a093452bfe68b34f5c4e0a53f59%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C7b2cf5f896834d49dfdb8f8108833dbc%7C%7Cc57436ecae87c1e3ab03016a4fe601b2%7C%7C40bd088aee84eed35fde64a3286426fd%7C%7Caabd28b9b71f8ae03e377b6b8aa01a33%7C%7C041e1a19fcfcc9136e621c100eab3f99%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7Bpci:%7Btdr:1104%7D%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 May 2021 03:18:34 GMT
X-Server-Name: dt40.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6D06 42 B
64 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJAjmn6CMlA2ogdZjqWw6oZ6zktRAAKsfdWHu7BvO44Z-US_43YfUR_37lLF3-h3XfmmvsvVudwDqTdplYhkpD63m_mnxw8UNhCj9EbcYo6gCtvyQsoOw6LTBq3g&sai=AMfl-YTKf32ZvqNVMwb_w8YGdTtMvsR2khzD8peZwPoqL99aZsyEdYBTvpzpVpsgtLkmS-5Onv5QoD8y4kKcuuP9b82iyaUwg_SdDtl3Ri7fJQOh_Z8Dwv2y0d1d5tXZBfU&sig=Cg0ArKJSzP_1GR8bOmSeEAE&cid=CAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U&id=lidar2&mcvt=1398&p=311,436,405,1164&mtos=0,1398,1398,1398,1398&tos=0,1398,0,0,0&v=20210524&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1651446792&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621999111605&dlt=88&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 2D58 0
54 B 1069ms
155ms Ping
image/gif 2607:f8b0:4001:c1e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kp4we5rr&c=8567606241338&slotId=4283803120669&qqid=COLXi8ix5vACFV7Auwgd5jELuw&gqid=Cb6tYLXfN76U7_UPloq3IA&fb=ima-html5&sdkv=h.3.461.0&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&vmfc=9&vhc=0&ghmsh_eids=44736292
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.461.0_pt_br.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c1e::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D58 0
416 B 55ms
54ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjiTVxWoKV1bEbUUrUn7tjZg_zFY5feSA8t-HJ6FswSxmzmN9nB1qqDqVV8p0NbG_m0VRawcyxhAxEF6VkGdVHUFSvillvx6ZF1LRuSEyovDcXxAlSbPINA2_N0Z5I20gqVdsbv3EMT1F9tAchGXcZGhLZrC_Pge_mMNu44FpS1G9R5Re3x4MlGD9cDxpcfW5DqZGAWzkk7AapxleICDy_lyEhtPuUYevCHi8PLdvsl9I8kY7Dy1hqlNALMUlAqiX63j0rSQTFz20hLGQ9QpKF7azIq1qdWDJyvlFQ5VSj0G8n0-VX5fjxPBwl3YEfQLFy5lUSfk8izGiwaYv0WLs&sig=Cg0ArKJSzAK55WWLGteqEAE&sdkv=h.3.461.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkDqBVIoCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9QABgB&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 May 2021 03:18:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 26 May 2021 03:18:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6819 2 KB
643 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16456377359281620914/587aca0d4396b0d051096cd6cea1ad2e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e74a4ef70abf935fa8800498b5d751663e3511bbee1e3f21d0e445f7883e437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 May 2021 02:12:18 GMT
server: ESF
date: Wed, 26 May 2021 03:18:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 May 2021 03:18:34 GMT

GET
H3-29 200 be9125afe7d180ac064e97c11f506704.png
s0.2mdn.net/sadbundle/16456377359281620914/media/ Frame 6819 5 KB
5 KB 8ms
7ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16456377359281620914/media/be9125afe7d180ac064e97c11f506704.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16456377359281620914/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d732fc2c73d2e52cbe583b2e0b23fd8dcb9fd8f3a25bef75c809a4a9b9e66a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16456377359281620914/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 06:11:27 GMT
x-content-type-options: nosniff
age: 421627
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4757
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:27:13 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 06:11:27 GMT

GET
H3-29 200 e50c3e89a2cc43d0bd697bf110a2eebf.png
s0.2mdn.net/sadbundle/16456377359281620914/media/ Frame 6819 20 KB
20 KB 9ms
7ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16456377359281620914/media/e50c3e89a2cc43d0bd697bf110a2eebf.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16456377359281620914/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e66423fe9b56f0133b0063009b4263343577bad6a36da5a6ec4b1601ba70bf8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16456377359281620914/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 06:03:19 GMT
x-content-type-options: nosniff
age: 162915
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20914
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:27:13 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 May 2022 06:03:19 GMT

GET
H3-29 200 5c34d491a8b80c4524be14c9798ff80a.svg
s0.2mdn.net/sadbundle/16456377359281620914/media/ Frame 6819 12 KB
3 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16456377359281620914/media/5c34d491a8b80c4524be14c9798ff80a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16456377359281620914/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e19578d2ab4a5812d27240dfbe5b2f90231958b1acf3f5e03371893037dee57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16456377359281620914/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 06:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421627
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3460
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:27:13 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 06:11:27 GMT

POST
H2 200 enqueue Show response
stats-api.bannersnack.com/v1/ Frame F3D3 20 B
378 B 208ms
144ms XHR
application/json 13.224.195.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-api.bannersnack.com/v1/enqueue
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-81.fra2.r.cloudfront.net
Software: /
Resource Hash: 5b39e6bc8c914a4c1a02fb556f0c84e2b4baa4d45c04a00039e4548da480574d

Request headers

Referer: https://live-tag.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 May 2021 03:18:35 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 89bd6e0e-1633-47d7-b9f4-a05483842c00
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-60adbe0b-6060e07a6f91bccc260301b3
x-amz-apigw-id: f6qhvGUvIAMFV_A=
content-length: 20
x-amz-cf-id: idF322KLFi-uUKiJ5LPbk-QQ3yxwlGhdMYshDBfF5hfPY5VezVTCTw==

POST
H2 204 csi
csi.gstatic.com/ Frame 366D 0
331 B 900ms
155ms Ping
image/gif 2607:f8b0:4001:c1e::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kp4we42f&c=8567606241338&slotId=4283803120669&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c1e::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2FCD 42 B
64 B 37ms
19ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssF1U-EUGNbRvwVQpwHBYjKHbLitydtXH8mNTC1PofPCY2S-hMNRa3Eom9rpmfwan60hJQX_o2G1TkLzWfGYnrsIjn_WDvuqKcT44Ee9jE1JHM8EvpyV_8eoxkwCQ&sai=AMfl-YTPjaxu5ypZMSCYSLgpozbAjvlq-IFlE9DTkb_vZBOyrUBtj8SXhWQxRraCAmXSDo1xdToDnF_jMbe3rZ1XXbLe5nN7cRFMFxQWbqJYijhMamrrBQdUavSBG77zWDm_&sig=Cg0ArKJSzFJWHEWQ3cVnEAE&cid=CAASPeRoFa7McQabGBbz0vaKC1zID65XJzJp0N0M77BQTlsBT8vBxmUGAfu5VSCsCQ6bXkhF9YVyTpgu6O13UNo&id=lidar2&mcvt=1176&p=1100,436,1194,1164&mtos=0,1176,1176,1176,1176&tos=0,1176,0,0,0&v=20210524&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=2713759382&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621999111160&dlt=113&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
t.dynad.net/pc/ 70 B
423 B 202ms
202ms Image
image/png 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.dynad.net/pc/?dc=5550003220;ord=1621999115136
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE10 / DynAd.net
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:35 GMT
server: D3-FE10
x-powered-by: DynAd.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.529 Power Stroke
cache-control: max-age=0
content-type: image/png
expires: Wed, 26 May 2021 03:18:35 GMT

GET
H/1.1

206
Partial Content

file.webm
r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1622020714/sparams/acao,ctier,... Frame 366D
Redirect Chain

https://redirector.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1622020714/sparams/ip,ipbits...
https://r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1622020714/sparams/aca...

128 KB
0

72ms
38ms

Media
video/webm

2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1622020714/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/1D2860842B5358E7E1C29882C0C465E187415735.34BF96C6FD9CBC5419D013B5B2CEBB750B8A9707/key/cms1/cms_redirect/yes/mh/yt/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5edne7/ms/nvh/mt/1621998986/mv/m/mvi/5/pl/50/file/file.webm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 03:18:36 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Apr 2021 14:54:22 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Content-Range: bytes 0-2870762/2870763
Cache-Control: private, max-age=21298
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2870763
Expires: Wed, 26 May 2021 03:18:36 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:35 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1622020714/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,requiressl,source/signature/1D2860842B5358E7E1C29882C0C465E187415735.34BF96C6FD9CBC5419D013B5B2CEBB750B8A9707/key/cms1/cms_redirect/yes/mh/yt/mip/2a01:4f8:192:5414::2/mm/28/mn/sn-4g5edne7/ms/nvh/mt/1621998986/mv/m/mvi/5/pl/50/file/file.webm
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 698
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 6819 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 255312
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 23 May 2022 04:23:23 GMT

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621999115314&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&n...
https://sb.scorecardresearch.com/p2?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621999115314&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&...

64 B
330 B

31ms
30ms

Image
image/gif

143.204.202.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621999115314&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1621999115315
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-38.fra53.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 03:18:35 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: Vyx1qU-sqfSSCexUMkpqENhWpD2ZeRSPZ7AFdZ98h2f4ocuUAnRbKg==

Redirect headers

date: Wed, 26 May 2021 03:18:35 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=27893134&%20ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1621999115314&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va11&ns_st_cl=30000&ns_st_pt=0&c3=UOLADNET&c4=*null&c6=*null&ns_ts=1621999115315
content-length: 308
x-amz-cf-id: B8FuKnm6RKN8dEENQIW04UEDO_xAkWdBJXIcnVV0sIA6zEd1Bj1lbw==

GET
H2 200 /
t.dynad.net/pc/ 70 B
423 B 194ms
193ms Image
image/png 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.dynad.net/pc/?dc=5550003219;ord=1621999115315
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE10 / DynAd.net
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:35 GMT
server: D3-FE10
x-powered-by: DynAd.net
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.529 Power Stroke
cache-control: max-age=0
content-type: image/png
expires: Wed, 26 May 2021 03:18:35 GMT

GET
DATA 200
OK truncated
/ 873 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 register
events-api.gazetadopovo.com.br/ Frame 0
0 297ms
296ms Preflight
application/json 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Protocol: H2
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.gazetadopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Wed, 26 May 2021 03:18:36 GMT
x-amzn-requestid: 11b4aefb-45ba-459e-a772-5aa030c2cf87
access-control-allow-origin: *
access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,x-api-key,X-Api-Key,x-publisher-id,X-Publisher-Id
x-amz-apigw-id: f6qh6Gy7oAMFm0Q=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: ZLRHqxWs5eR-7JuU3PNXr9rd_A8ZhscGKgK1XpvmJn1KhmQ2dX1ENA==

POST
H2 200 register Show response
events-api.gazetadopovo.com.br/ 1 KB
2 KB 332ms
332ms XHR
application/json 99.86.2.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events-api.gazetadopovo.com.br/register
Requested by: Host: www.gazetadopovo.com.br
URL: https://www.gazetadopovo.com.br/assets/vendor-9baf93355710264da6ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-119.fra6.r.cloudfront.net
Software: / Express
Resource Hash: af951c3184dc81e0e9afc593069302843e1b585005eed95d286cb27b4fcdae8f

Request headers

Accept: */*
Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 26 May 2021 03:18:36 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
etag: W/"4c3-hCJKShNh1ZlXouYBo03Aok7cxpQ"
x-amzn-remapped-content-length: 1219
x-amzn-remapped-date: Wed, 26 May 2021 03:18:36 GMT
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: f6qh9H8oIAMFTsA=
content-length: 1219
x-amzn-requestid: 973a4b0b-4d69-455d-aa73-1c0485036c2c
x-amzn-trace-id: Root=1-60adbe0c-0fa450911c1eb7b04b3d9e8d;Sampled=0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: 8_0wN0p7yFT33HSSXJ-RX2kcUGJldFYTKga2Jj_sGlaWZ8pfB5uoDA==
x-amzn-remapped-connection: close

GET
H3-29 206 file.webm
r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1622020714/sparams/acao,ctier,... Frame 366D 19 KB
20 KB 77ms
19ms Media
video/webm 2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

58d4e8bea5aaecd35708270eee543f8ff2854cc4eb4cf089fbdccf166a16b424

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.dynad.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=2850816-

Response headers

date: Wed, 26 May 2021 03:18:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 14:54:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
Content-Range: bytes 2850816-2870762/2870763
client-protocol: quic
cache-control: private, max-age=21298
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 19947
expires: Wed, 26 May 2021 03:18:36 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 2D58 42 B
213 B 43ms
42ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D58 0
186 B 335ms
66ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnbDaTrya1d-YsBtDcUQRQXhGnlsK7QYdew3UMNUz3DqZQAN6Q4Le5__aK4qx1s_qOhLPxllzyV-SsdwniA2Xu4py4WBLeas2EDwRofBxlIvd5fJmBMlevRfZHhnsUPtxVkUe8u5zVISNMYNaJBhHbvegv7U8GK2IrNu3n8TCAOdrOu0eM9o9pI62huXJd1p4a2B2cnb4dmasAc5-P-KNJPpz5s3ZWrYa06mxn6Utuj7qqjcuH7BsRXuUozgdANz9rtnEnvUjrw-8aRiJ8AWNou5sOHAuRKbZJNEeeHGqPnyj2k3U2QDdkv8_n_OekhHHwLW-nMm981hBefjT0&sig=Cg0ArKJSzCjYq5AcADnYEAE&sdkv=h.3.461.0&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 26 May 2021 03:18:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 26 May 2021 03:18:37 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 2D58 42 B
210 B 270ms
22ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B6hZJCb6tYKKvON6A7_UP5uOs2AvzlL_9RQAAABABII7oriE4AFjsubKxgwRg9ZXOgeAEsgEXd3d3LmdhemV0YWRvcG92by5jb20uYnK6AQs0ODB4MzYwX3htbMgBBdoBIGh0dHBzOi8vd3d3LmdhemV0YWRvcG92by5jb20uYnIvmALAuAKpAtoQ1lQfLIk-wAIC4AIA6gIpLzg4MDQvcGFyY2Vpcm9zL2dhemV0YV9kb19wb3ZvL2luLWFydGljbGX4AoHSHpADyAaYA5wEqAMB4AQB0gUGEJ_19ZQVkAYBoAYjqAfs1RuoB_PRG6gHltgb2AcB4AcP0ggHCIBhEAEYHdgIAoAKBZgLAdAVAYAXAQ&sigh=EThHppbUy3c&label=vast_creativeview&ad_mt=0&acvw=sv%3D897%26cb%3Dj%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1733%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D387377340%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1621999117318%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1621999115120&sdkv=h.3.461.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkDqBVIrCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9IiBBQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 2D58 42 B
210 B 269ms
35ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B6hZJCb6tYKKvON6A7_UP5uOs2AvzlL_9RQAAABABII7oriE4AFjsubKxgwRg9ZXOgeAEsgEXd3d3LmdhemV0YWRvcG92by5jb20uYnK6AQs0ODB4MzYwX3htbMgBBdoBIGh0dHBzOi8vd3d3LmdhemV0YWRvcG92by5jb20uYnIvmALAuAKpAtoQ1lQfLIk-wAIC4AIA6gIpLzg4MDQvcGFyY2Vpcm9zL2dhemV0YV9kb19wb3ZvL2luLWFydGljbGX4AoHSHpADyAaYA5wEqAMB4AQB0gUGEJ_19ZQVkAYBoAYjqAfs1RuoB_PRG6gHltgb2AcB4AcP0ggHCIBhEAEYHdgIAoAKBZgLAdAVAYAXAQ&sigh=EThHppbUy3c&label=videoautoplayed&ad_mt=0&acvw=sv%3D897%26cb%3Dj%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1733%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D387377340%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1621999117318%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1621999115120&sdkv=h.3.461.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkDqBVIrCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9IiBBQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2D58 42 B
110 B 219ms
0ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6azT20CPFvKn9H_ZI4C-PPId3XTkjKp4E6zGF3PIt9Z-Q4DtEywRsRWAXSKzyq8fgSOWres9j3qrdVtuqDf6EixVSfHuOiuRje2uYT-0&sig=Cg0ArKJSzB2AtGn0fxvLEAE&id=lidarv&acvw=sv%3D897%26cb%3Dj%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1733%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D387377340%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1621999117368%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1621999115120&avm=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 2D58 42 B
210 B 248ms
22ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B6hZJCb6tYKKvON6A7_UP5uOs2AvzlL_9RQAAABABII7oriE4AFjsubKxgwRg9ZXOgeAEsgEXd3d3LmdhemV0YWRvcG92by5jb20uYnK6AQs0ODB4MzYwX3htbMgBBdoBIGh0dHBzOi8vd3d3LmdhemV0YWRvcG92by5jb20uYnIvmALAuAKpAtoQ1lQfLIk-wAIC4AIA6gIpLzg4MDQvcGFyY2Vpcm9zL2dhemV0YV9kb19wb3ZvL2luLWFydGljbGX4AoHSHpADyAaYA5wEqAMB4AQB0gUGEJ_19ZQVkAYBoAYjqAfs1RuoB_PRG6gHltgb2AcB4AcP0ggHCIBhEAEYHdgIAoAKBZgLAdAVAYAXAQ&sigh=EThHppbUy3c&label=part2viewed&ad_mt=0&acvw=sv%3D897%26cb%3Dj%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1733%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D387377340%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1621999117372%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1621999115120&sdkv=h.3.461.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkDqBVIrCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9IiBBQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame 2D58 42 B
210 B 240ms
22ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B6hZJCb6tYKKvON6A7_UP5uOs2AvzlL_9RQAAABABII7oriE4AFjsubKxgwRg9ZXOgeAEsgEXd3d3LmdhemV0YWRvcG92by5jb20uYnK6AQs0ODB4MzYwX3htbMgBBdoBIGh0dHBzOi8vd3d3LmdhemV0YWRvcG92by5jb20uYnIvmALAuAKpAtoQ1lQfLIk-wAIC4AIA6gIpLzg4MDQvcGFyY2Vpcm9zL2dhemV0YV9kb19wb3ZvL2luLWFydGljbGX4AoHSHpADyAaYA5wEqAMB4AQB0gUGEJ_19ZQVkAYBoAYjqAfs1RuoB_PRG6gHltgb2AcB4AcP0ggHCIBhEAEYHdgIAoAKBZgLAdAVAYAXAQ&sigh=EThHppbUy3c&label=admute&ad_mt=0&acvw=sv%3D897%26cb%3Dj%26e%3D10%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D549,0,0,0,0%26mtos%3D549,549,549,549,549%26amtos%3D0,0,0,0,0%26mcvt%3D549%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D549%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D549%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26dvs%3D549%26dfvs%3D549%26dvpt%3D549%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1733%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D387377340%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1621999117420%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,549&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1621999115120&sdkv=h.3.461.0&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU2ODEwMTk1NTEyDDEzODM0Nzg0Njg5MkDqBVIrCNAFEBIlAADwQSgBOgt1c2lrR1YwdEM0Y0ILZ29vZ2xldmlkZW9IiBBQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F3D3 672 B
469 B 174ms
0ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:900

Requested by

Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/5f1168f467fe453203bf5e94251e266a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://live-tag.bannersnack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 May 2021 02:53:06 GMT
server: ESF
date: Wed, 26 May 2021 03:18:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 May 2021 03:18:37 GMT

GET
H2 200 9eb5a7965855159eddc4ff41d843a8ff.png
live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/media/ Frame F3D3 133 KB
134 KB 160ms
0ms Image
image/png 99.86.2.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/media/9eb5a7965855159eddc4ff41d843a8ff.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-13.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90cb6519104e8399a6e7feea9f3b825afc73c87eb9017581da07bef4c584f8ee

Request headers

Referer: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 16:14:20 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:16 GMT
server: AmazonS3
age: 39859
etag: "9eb5a7965855159eddc4ff41d843a8ff"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 136369
x-amz-cf-id: wc7Pl-HmwlIAdiDLoNm8yJG6t6PBQ0V1Bo8hgHLFOvvjnLPsOE2b8Q==

GET
H2 200 e9a530fc79e38c4df66f4d1cc9b7c3a8.png
live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/media/ Frame F3D3 99 KB
99 KB 212ms
39ms Image
image/png 99.86.2.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/media/e9a530fc79e38c4df66f4d1cc9b7c3a8.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-13.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d62a09f71bfa7bb41290bd6327a32c90048e98aff97d41b8214e0fc73f71825c

Request headers

Referer: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 15:30:38 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:16 GMT
server: AmazonS3
age: 42481
etag: "e9a530fc79e38c4df66f4d1cc9b7c3a8"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 101300
x-amz-cf-id: l2qIYuXC1JY-U7NfT2tD4b9TGQMjILgpGD_DrPIDK0B7z9Q36g5ExQ==

GET
H2 200 a705a07561259f8d533887aa81956c88.png
live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/media/ Frame F3D3 4 KB
4 KB 211ms
39ms Image
image/png 99.86.2.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/media/a705a07561259f8d533887aa81956c88.png
Requested by: Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-13.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57c864927d9c581cba66b9e26ee948842cc77e1cf211d13d845f6c6ce0daf7be

Request headers

Referer: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 19:57:28 GMT
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Mon, 07 Dec 2020 13:46:16 GMT
server: AmazonS3
age: 26471
etag: "a705a07561259f8d533887aa81956c88"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3708
x-amz-cf-id: J8f3Jkh9sjzh4EYyyVW_gSf4kGMgbEh8harG2X67Q3E1JywFz2v8XA==

GET
H/1.1 206
Partial Content file.webm
r5---sn-4g5edne7.gvt1.com/videoplayback/id/b48a822c7a239630/itag/44/source/dclk_video_ads/requiressl/yes/acao/yes/mime/video%2Fwebm/ctier/L/ip/0.0.0.0/ipbits/0/expire/1622020714/sparams/acao,ctier,... Frame 366D 640 KB
0 194ms
13ms Media
video/webm 2a00:1450:4001:44::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:44::b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.dynad.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

Date: Wed, 26 May 2021 03:18:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Apr 2021 14:54:22 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Content-Range: bytes 65536-2870762/2870763
Cache-Control: private, max-age=21296
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2805227
Expires: Wed, 26 May 2021 03:18:38 GMT

GET
H2 206 Legs_Education_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame F3D3 320 KB
0 1320ms
65ms Media
video/mp4 2606:4700::6810:c072
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Education_FR_MASTER.mp4

Requested by

Host: live-tag.bannersnack.com
URL: https://live-tag.bannersnack.com/banners/bzplol0q9/adtag/embed/25/index.html?t=1607096977&clickTag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCvuGQBr6tYOe9N-TW7_UPkry8wAHi2_n3Yvi6m6eODfAuEAEg0o_GHmD1lc6B4ASgAYzPkd4ByAEJqQIpwDgA1LqyPqgDAaoE1QFP0CnxDn2vPZPz5BCmh4UyOjgq6qHB_SDA_0AsNm1EM7y6lEBdviwOh0DnAQVM4et6nQ-RPUnALg2rZ9ZCAIHJm1V2J4LZBInCigZMMMNX4QIon4GY2HrhBq7OEc-IFXLa3k2LPUhVj3ntx6hhGvjmkd0OnzCfMH1vcmMpmlVwKgikZGsIGJ8YQGPbABF54WOViVnjhLCF55g0gw9e62KfX51qy1gO_jksudCpiupTElIuN0eer7f98h3IEZRnht1Be49evqRfKWdwKyiNmI9QdmWKJ8fABMGhqpuoA-AEA5AGAaAGTYAH3LDuoQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAQBABGB2ACgOYCwHICwGADAGwE8mnzQvQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASPeRoL3qwTkWB3Ug5VewyRb3cuYbxNvhold3Oug7oswCWY3vATBoIHosvLkWlQ3VrA-89sgIjZilcN0ulS0U%26sig%3DAOD64_0_ah04rFoCxPjzX9YKj41q5sFY4Q%26client%3Dca-pub-6330791094260149%26dbm_c%3DAKAmf-AWM16R0H2zhtcjZdGs5HIqDmAIUujz1MkxW1sgV-L6i9MfzXRduQDJpg6O3eAyFdZmKPExYhfbF9eYFWFMXXIWe8O-dq0c2YMCeZb91lkhPmyoIXkfIDtgEwC6nvgk-FCBlKrjy017Ix42ZyS8CQ6wo6vHSw%26cry%3D1%26dbm_d%3DAKAmf-B5gwsS94eSl5VcVeDNcg9p0dSjIkPqxup5BbQgR8l2k3mwOUS4x0hSXtna1Xf8WpCzQdV0LIMmjSAf1qmMRI0khoItNfgXBb37Bch0wia3iDlsARhlzqzybghcyNNQttkNQ47OCuwlcaLu2mQlIvRvnd0xszmzmnXJfqS-ahEMKF9n7GcAu9WHqpUwis8mBZC3anfPJi_T708KqhjGt0q2cicSQxqH0y3e_ATtnSjoAPlidxDeoOGB5oYF5rcim1Fzvrh6DYrKj6bfYb8oBfGb4GvAX6Tf-vp1jb55Qlw5iVVLMwMEQKWT0O9N-nWozaAazdGDWQ6Who-swsKK4OwAPBo7u5kvkB1N5Nlt_1YgMemr7AGskkN64KgIQGsCOEG1hpa7JFe2_LEijX_XyUecQ_jwGuDjTz1gfRecpMd_-xOcRqPNSb-VdCl5RAHzrKVVKrh6gDrg_du5pygq_GWkOwrzmA%26adurl%3D&userId=41947456&networkId=25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c072 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://live-tag.bannersnack.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

cf-request-id: 0a48478410000017660e2f1000000001
x-amz-meta-cache-tag: F-38154537489,FD-38154711878,P-5474758,FLS-ALL
age: 540184
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38154537489,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: GT0SY96WSCA6CA56
etag: "4ab603de2ff07572a2a2533cdce01efa"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1606728962775
content-type: video/mp4
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
date: Wed, 26 May 2021 03:18:39 GMT
via: 1.1 a243c19b86829b9271d382d92416109c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: VIE50-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
Content-Range: bytes 0-2338520/2338521
Content-Length: 2338521
x-amz-id-2: 0FJx0EmVIdxV4uPaEZdqkR/0+eygSC1fli9i/j0AuMnCTLgOgtMCxye3dqotSUotVGmo6h8c7PE=
x-amz-meta-index-tag: all
last-modified: Mon, 30 Nov 2020 15:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: HKvInhsakM6G4tDghL4.AswyD2UDFoi1
cf-ray: 6553db801e9d1766-FRA
x-amz-cf-id: TTDtoNFOFjvGPxeWJWi221KkD58n5TlP7elpBT4WY7JrbEHiMn6bJA==

GET
H2 206 Legs_Education_FR_MASTER.mp4
f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/ Frame F3D3 62 KB
0 1380ms
153ms Media
video/mp4 2606:4700::6810:c072
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://f.hubspotusercontent00.net/hubfs/5474758/Ads/Terre%20des%20Hommes/Legs_Education_FR_MASTER.mp4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c072 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://live-tag.bannersnack.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

cf-request-id: 0a48478414000017665d19b000000001
x-amz-meta-cache-tag: F-38154537489,FD-38154711878,P-5474758,FLS-ALL
age: 540184
x-amz-server-side-encryption: AES256
edge-cache-tag: F-38154537489,FD-38154711878,P-5474758,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
x-amz-request-id: GT0SY96WSCA6CA56
etag: "4ab603de2ff07572a2a2533cdce01efa"
vary: Accept-Encoding
x-amz-meta-created-unix-time-millis: 1606728962775
content-type: video/mp4
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
date: Wed, 26 May 2021 03:18:39 GMT
via: 1.1 a243c19b86829b9271d382d92416109c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: VIE50-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
Content-Range: bytes 0-2338520/2338521
Content-Length: 2338521
x-amz-id-2: 0FJx0EmVIdxV4uPaEZdqkR/0+eygSC1fli9i/j0AuMnCTLgOgtMCxye3dqotSUotVGmo6h8c7PE=
x-amz-meta-index-tag: all
last-modified: Mon, 30 Nov 2020 15:19:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: HKvInhsakM6G4tDghL4.AswyD2UDFoi1
cf-ray: 6553db801e9f1766-FRA
x-amz-cf-id: TTDtoNFOFjvGPxeWJWi221KkD58n5TlP7elpBT4WY7JrbEHiMn6bJA==

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2D58 42 B
64 B 196ms
71ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6azT20CPFvKn9H_ZI4C-PPId3XTkjKp4E6zGF3PIt9Z-Q4DtEywRsRWAXSKzyq8fgSOWres9j3qrdVtuqDf6EixVSfHuOiuRje2uYT-0&sig=Cg0ArKJSzB2AtGn0fxvLEAE&id=lidarv&acvw=sv%3D897%26cb%3Dj%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,196,350%26tos%3D2232,0,0,0,0%26mtos%3D2232,2232,2232,2232,2232%26amtos%3D0,0,0,0,0%26mcvt%3D2232%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2232%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2232%26pst%3D-1%26dur%3D30071%26vmtime%3D-1%26dtos%3D2232%26dtoss%3D1%26dvs%3D1683%26dfvs%3D1683%26dvpt%3D1683%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1733%26femvt%3D0%26emc%3D9%26emuc%3D0%26emb%3D7,0,0,0,0%26avms%3Dexc%26qi%3D387377340%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1621999119103%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2232&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1621999115120

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 366D 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
16ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052001&jk=825920634653851&bg=!rK-lr-vNAAZ7hX_Ue4U7ACkAdvg8Wl1f08ajj9tTtx3c4WePZ3Ofi5w90lc1Jt4MgZ0hjmNUb-YElAIAABKPUgAABY9oAQcKAOxX1RfmaETblO0n6UdwL7LZeAthCVKJuRW2cNeodTDQf5rc6fYN2sLAwCPBMwjy6fm5CWvMI8iIl_sjTk9Vp3xL0bIz9211-9uJWbCAhDvAN2tnSDmIsu56Ky3i1v4TCgeY-DM0EjNhRESUNBJ4LN7lIewqgvuUZPJfps6art_cmly9etkalM8A9vEYM4vDhZoNo5msvdgisWCIQIKLIaQiTW5p4KAqMVlbUj0uHXN1qtaJKpqfdeY9oKCsaGQ7jAn3N8Vyl3vsCjc0tJu61Ivw29kWHUbMDCcvV-l3_oSV67hxOgC8JiHLi9pj3pkCVOiP2-uLTEgBLQJIct_PA6nZRqxM-PY8kU5BImDhQ0jQPKR68GXCOyhBrFxqlrXcSnXxVWYUJzyywzuHlQ1zCBPRBRrHffrWgmrqIastgKWPJqbue76jMnsgJI-b29hUfQi5G0a_lJPY4yak2D7uq-cVoZKjN7vAqe1ljjoHFFom9u5lQReYqM-28HiZIn9EmxubrUC6e2nWiUVVHMbNwEqXj2pKS9LhLDrNj3xYXybKflnA7xjr8rVJXdxe-3ZR7EZcbPY1HCwyQlEob2I5ktUi30i-bW78dZw8kr2gj6sw4u8xUimNGHP7oc46ss6bY848-gmEnkOFJutQx1vRcdyT5myAvoql8g5SmgHiZiq_7r6Z7mhDlDRMv3ic8CEw8_FTPas9MJnD8t90oJOy0BTgpHuP-qUjyAucmbhkwvPAjPldCbfuh-7d9vmx-1EMaJ_6ZOs_jycxBKVrJEmyV98nZiLHxboWsNZ1-feeNd5HFl85OXq61Ae2flf7ILFGFqufI2rtnktWcKkU7Xxc1VptCSf_3ATzC0OAUXyUtd7UPGrs7E9Uhb72wpbGmxR28IqFvZuVVsYlHaduEpCs8GCy98RNbQUq8iZEpW6Uclf5du7RPRHPR3N4YqSV0un3sKrQfW4XQDlh9aZZ8ruDsjKQCynrDmAIxPOZoMHGiAVy0d7Nv49Jsta6iEmzRe9r0Ta7UJS7QhHQjkJjinaFaLyvKdEycKlM5KFTBBVROI-Boo28I7Pcd_X7q2xgiaBdsH-6jSmykK0Q6Laiu1If5Y39zCxq

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gazetadopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 May 2021 03:18:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/athletico/breves/prefeitura-de-curitiba-amplia-decreto-e-decisao-afeta-jogo-do-athletico.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/athletico/athletico-aspirante-decepcao-destaque.json

Domain: json.gazetadopovo.com.brhttps
URL: https://json.gazetadopovo.com.brhttps//www.umdoisesportes.com.br/coritiba/boa-fase-copa-do-brasil-sub-20-coritiba-promessas-destaques.json

Domain: apps.gazetadopovo.com.br
URL: https://apps.gazetadopovo.com.br/cxense/cxense.json

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 22:56:50	Name: NID Value: 216=W2JLU86iQ9IJlJP6ECjZk901nCiKeMW44D7pm4NUTqmnfLZTzuSu6O0B_rcrQRnQfZKwMjDvMHIX_q0he0BjjYeBjPcQ1akKg0tyZXj0y946ty0yqLHNDa0uIu6wuo7QZfB9NwrRsnH9Dxuezh-pcPMxzhWLQrCMaTzjdneHRR8
www.gazetadopovo.com.br/	1970-01-19 18:33:19	Name: _pc_dezminutos Value: true
.gazetadopovo.com.br/	1970-01-19 18:34:45	Name: __pvi Value: %7B%22id%22%3A%22v-2021-05-26-05-18-23-437-XriBH3w80gW1dgMj-b936ad7ebc1e9e7e2afe591d682f915b%22%2C%22domain%22%3A%22.gazetadopovo.com.br%22%2C%22time%22%3A1621999103771%7D
.gazetadopovo.com.br/	1970-01-19 19:16:31	Name: __pat Value: -10800000
.gazetadopovo.com.br/	1970-01-19 18:34:45	Name: _gid Value: GA1.3.2108938275.1621999102
.gazetadopovo.com.br/	1970-01-20 12:04:31	Name: __tbc Value: %7Bjzx%7DmTYUm08lJyHEWAs9ALXKQvql0_1TFjSVAZVGAhZDMdnemNwdbfk-hESG3dyjGUuQJ_kuAdN8BTTMd-axr0MEOdCGagMlV8TxC31lZUNOEFLyRJgR9XcMjzST7ZAwuLLt_ClXXX7wZd7xhwozNxHCCQ
.gazetadopovo.com.br/	1970-01-19 20:42:55	Name: _fbp Value: fb.2.1621999102891.997696657
.gazetadopovo.com.br/	1970-01-19 18:33:19	Name: _gat_trackerInfocoder Value: 1
.gazetadopovo.com.br/	1970-01-20 12:04:31	Name: xbc Value: %7Bjzx%7DPMUsLKpBV6NMDrwHbSEyzfCznP2Lylzl0gPMndHDCs7arDFpF4TvxLS3A6yXYrYwhBn2LTcP8fgXlDvKuU7-5-yKBcLzxozSdeHK40RF6Tihuyh_7WWVzlLznI0hRrlpfxBIpwSYOqrtuf-p6D_X0DcnyzcaoBouJXrKxksxz20Ucrfb6uQdh0mWiIp-ns_KRDTsTvM5oTYTQTGemTadATUiNpmLmD2llSJbjU8fGAhNzjfEe9LQFSDjmryI66VA-bb_PrT3ndXnIW3OMluI603V_MpU0l5yniX70s41dMU-OF_64_A0NTH_UyCACFdCRhzJtQAdurKgVbjKyuHZ8Q
.gazetadopovo.com.br/	1970-01-19 18:33:20	Name: _hjFirstSeen Value: 1
.gazetadopovo.com.br/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.gazetadopovo.com.br/	1970-01-20 03:18:55	Name: _hjid Value: 58df5f05-7160-4557-8615-e602c8420230
.gazetadopovo.com.br/	1970-01-20 12:04:31	Name: _ga Value: GA1.3.1311363325.1621999101

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=12.198.0(Line 2981) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/settings/initialAudioVolume=50/containerId=_dynad_c_I5550009734_1621999108408159187966/showPubHeader=false
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/load/https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=/8804/parceiros/gazeta_do_povo/in-article&ciu_szs=300x250&impl=s&gdfp_req=1&env=vp&output=vast&unviewed_position_start=1&cust_params=videoplayertype%3Ddynad_in-article%26keyword%3Dvideo-auto-play%26origin%3Dwww%20gazetadopovo%20com%20br%20%26hasFocus%3Dtrue%26bt%3D9000%26UOLDNA%3Dnull%26hasMouseIn%3Dfalse%26keyword%3Dvideo%2Dauto%2Dplay&description_url=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F&correlator=18751284958050696&ad_rule=0&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Fwww.gazetadopovo.com.br%2F%3F
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/active_display/true
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.001953125 ms
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/resize/533/299
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/play
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/resize/350/196
console-api	log	URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html(Line 204) Message: dynad-bridge: dynad-tv-protocol/start-counter

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

08c9c2fb9f37ac64fd17b144db4cc2fe.safeframe.googlesyndication.com
3wf9o7mmzc.execute-api.us-east-1.amazonaws.com
adservice.google.ch
adservice.google.com
analytics.twitter.com
api-v3.tinypass.com
apps.gazetadopovo.com.br
assets.gazetadopovo.com.br
b.t.tailtarget.com
buy.tinypass.com
cdn.onesignal.com
cdn.privacytools.com.br
cdn.tinypass.com
cm.g.doubleclick.net
code.jquery.com
comments.gazetadopovo.com.br
connect.facebook.net
csi.gstatic.com
d335luupugsy2.cloudfront.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
events-api.gazetadopovo.com.br
experience.tinypass.com
f.hubspotusercontent00.net
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gdp-prd-data.s3.us-east-1.amazonaws.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
infograficos.gazetadopovo.com.br
json.gazetadopovo.com.br
json.gazetadopovo.com.brhttps
live-tag.bannersnack.com
mcasproxy.azureedge.net
me.jsuol.com.br
media.gazetadopovo.com.br
multimidia.gazetadopovo.com.br
news.google.com
pagead2.googlesyndication.com
play.google.com
pubads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
r5---sn-4g5edne7.gvt1.com
redirector.gvt1.com
s.dynad.net
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
scdn.cxense.com
scomcluster.cxense.com
script.hotjar.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.hotjar.com
stats-api.bannersnack.com
stats.bannersnack.com
stats.g.doubleclick.net
t.co
t.dynad.net
t.tailtarget.com
tag.navdmp.com
tm.jsuol.com.br
tm.uol.com.br
tpc.googlesyndication.com
tracker.bt.uol.com.br
tt-10162-1.seg.t.tailtarget.com
vars.hotjar.com
www.facebook.com
www.gazetadopovo.com.br
www.gazetadopovo.com.br.mcas.ms
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.semprefamilia.com.br
www.umdoisesportes.com.br
apps.gazetadopovo.com.br
json.gazetadopovo.com.brhttps
104.244.36.20
104.244.42.5
104.244.42.67
107.22.27.88
108.174.10.14
13.224.195.81
13.32.21.4
13.32.21.99
142.250.184.194
142.250.185.66
143.204.202.38
143.204.202.71
143.204.214.181
172.217.23.98
178.63.12.147
18.229.193.237
199.232.136.157
2.18.234.21
200.187.199.64
2001:4de0:ac18::1:a:3b
216.58.212.130
2600:9000:2057:4000:1b:3b3:e300:93a1
2600:9000:2057:6800:13:9bf5:7100:93a1
2600:9000:206f:ca00:8:7f48:3500:93a1
2600:9000:206f:e00:6:5b96:3f00:93a1
2600:9000:20eb:5800:1f:3000:7b80:93a1
2600:9000:20eb:6a00:12:af17:6680:93a1
2600:9000:20eb:de00:4:5c96:9080:93a1
2600:9000:20eb:ec00:6:45ad:3580:93a1
2600:9000:214f:4000:1d:7626:ce40:93a1
2600:9000:214f:4600:6:9eb2:5cc0:93a1
2600:9000:214f:7400:16:bc5f:3e80:93a1
2606:4700:20::681a:515
2606:4700::6810:c072
2606:4700::6810:cf3
2606:4700::6811:b8b1
2606:4700::6812:e234
2607:f8b0:4001:c1e::5e
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2804:49c:3104:401:ffff:ffff:ffff:34
2804:49c:3403:2676:ffff:ffff:ffff:6
2804:49c:4208:405:ffff:ffff:ffff:3
2a00:1450:4001:44::b
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2001
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c04::9a
2a00:1450:400c:c08::9d
2a02:26f0:1700:d::1737:6ea4
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:298::268b
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
3.250.250.79
34.102.185.99
40.81.121.140
52.217.193.112
52.217.32.8
54.72.219.124
65.9.69.122
99.86.2.119
99.86.2.13
018857cc7fd4802ddabf67e045bed52213cebead94468fb4ba8334f0957c7461
01b275470b7295b8acc7483323bb9e49447942d899d95c65748e13431e9878a7
02cedafe40684ea851c1853ef6d8e230a6966043c9e788c8db4432f8375d4818
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0478f8a286d5e8074dd717ecfdea6fbff972a2a0a4103d7dc9dc4fe680a37c25
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06a1630c35e630a049d5cd68eba29a3a4d3ce26749533c43bbe55cc61ecce183
06bbf295f6e07bd3697fe3f418129fa95371b5c28509260dcd7513ba0759ff02
0763cefe362deddc5a533e71213145d35dcea9c9b80ae9e59a33e90240489e5c
08f35f6879ac4f23abdaeaba1faea10cbae41f0ba7c4cfcb97da89730b087127
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
0a5e2fdeee01580357b0fe44c7c1b73f571722ccf5818ef0147116ff2ce8df0c
0aca65dabd0b6c7afdb20cb34f828e7f3e9b6ad76d66f80c6d9896c9c1a28780
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c05aa731c38619958a190528140a60310cc12f406c4798ed47ed6b583bfecac
0c82694334f81e3edf533351e75b3b804e313b94e4b52b87148d3f7c6f2f2138
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11035f64aa725b1fecd14c2574b1dc0137ac4f3736cf95d8e19ab80ca51d4e36
11ecf8068fb3bee4aac8ed0341f3726565a2978471042e88709b55813ba1fa95
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14fc1273c36f57b1d8020758c6ed16342ee58e0cd8ece66fc33a66f3285ef10b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
160d1479448b8748ec94940690dc2b5b2c6660e201d81c8da99a0b639068c425
16f9f05684e6bd86ca7a9169d289485333d3119b7f8e601673af93bcecc812b3
174649bd3e4d2a66bc131e2800ce23c9223825f67004a6b2bc5039f6f6b43f44
1756fb46aa1a7fe26e8c57328db54497ef70236895be1a7160718bb772abe23b
175dd52b60c7b3f2e0b0cc6355849661122fcb193214d31c362381a2b581e777
17aed327396aa2752f1d381fca20942988d76e7158b48b784b711933bf7ee437
187724f70ee4b0489797a1e57b7851448eb8f44705ae4e27f1877aee681b3294
18a9c08a67e7163c760780c38e453b2632db0b701be41e0ef97bb7e72e949894
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1d1696718111f0ba35a3f0b5425c531dbf987ef06fe710ff1023f2e3c83af004
20c7f4e40382fa05849d164058829e4711f78dedcc4b85c9d964ed4519318edf
20fdc38d216fb194ee793c0dd7747c4b9a6e4787fe00daa50dce4519094d4c0c
23223c068654c7a3736d13b160e43608dd3f524c423fd32822884dc3a54a6e67
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
2440b924a2ad61372873b14ce3831cac0292284d9ccaf8f4cbd21a688e379c72
26ed387dacace3a9b1b82887c58391f01be3d834dcf828252e1afeaafe34e13a
27477029c457d44fc7cd63829bae7b0b5f5774d475fe1c73bf0217e995bf72d6
2758d89e79e79286527802577236633cc4e2b2c21e085423984614d5f166bcfb
2aaca02e26a6a0624f18176555865824e1adda828dd4e279b041f5d86fcbd897
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d2dc473ab0f5f864cbf1bbfdf2e971ac5a750e226e1fd44bde4e1288da8966d
2dc4525c53a2721b9e0b858ec72e218e7fc1de72fbdae84653648daed62b89de
2f6255b50bd33353d70e26e12d4df1bfec37fdfe507d10316e9cf8239ddaba48
30c7fd0b6c5f5b476ff5bee81febd11908103579fe6bef467d65c3c593062efc
30ceef5aa4821520534d6639ed22bdc8584a3d636698592388419a71d2a318c0
30f37a07aaf3b0abb069950606681a50821e3f3ea7ff40707267aa735ed73608
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
31c179e01f2e3c61edf9a268b59fc98d6f01271c1755dad3b3819c3ab374e75f
322431353dc0ef02ed271dbfe5cf92b93ee792a76a172d3266d7f22fad7a9f33
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35af778414c5f2b45dcd4cfebe81b2cf74bae719ebb1987e0225c0eb4f6ac9a6
35b309235cea3299012113e5f6e763036394a5ad4a43a77c57c0aea998bf3fe2
35dcfaf3dd7c34640d28bd57038a4acf771e8e11a3d52a758a126d5e875c3e74
3646cc3dda1d8691ca19d11710cbcc403a636290e5fdb705b4e377bfcc1ef7fc
367b9f6578bda11ef24583b8e1c073632010f3bb4c8d3677bda789db211f2a89
36bdef3ed9760506f48340e965338ae078011f610212430f9b2fe55e5418750c
36e2f0fb30c9da1032e24b2b7c038f1bc4c1e88c6d42d6ca57d6894d8cf1869a
374ca3e4b712102bcef27be2dcc34b5f4f1d5618c3da94b7f9f7295546224295
376dd2e25dc106117e4f69af18014647cd995728a128de6d1f13387f7346a604
37d25577e88f765d4381881685f8439ff40b2dc900012402af750d4c44d1d2d2
38150ba7f64608a7c340ac60b7937e541f8ea24e4dddb87d50015223e47ddc16
389033bda6df04020f9010686fdac3a0232caddadddf2ea2367954c0aeb5be35
39f0f04f9b7a439d5f0f6aa4756eb1bd97911442321eec16e902fb435229c763
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
3bfaabf405d91100fe85f8e2ae81634cee5cbf1a2cdd9c1a305b27eec9751db8
3c53fc306cb9efd68ccbbe77901194b89ed3f20802d54a9bafa72f13a946ff75
3e4b3a58fd8e383e180de6ed3ed7fbccc7b6179f0b946e84cd34c7f6b4d448d8
3e74a4ef70abf935fa8800498b5d751663e3511bbee1e3f21d0e445f7883e437
3e7b3c7c788008407fb5cff39e3bce8ccfce65e47aa31c27eb8e8826f090e88d
3f65164f5df0bc5ad32ccea16cacea8995222c94e9dd501302a24dfe653d4687
4041e351e9d9b31a6a3b2533bbdd7d74e1b6d590c0861a7a37ddf017d4ab1fbc
406f451054322121aefb0b12e69fbed313d2a35093234ffa8a1edcabc81987e7
40d3345ee6b0f20292a76da21c41887b4eee45480c535a06eca711f56efe5fa9
4191e4f2ea7f4a9f8381c77d886fea37cb16f95a676b1baeedb62ee4ac8d1bbe
4231df8fb4004a36075df72d7ab5978e4505c535071e34f37b82eadadcdd536d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
4a2e2e4f88878c05ef463edeed7a911fd7606eab15e870620705bb223fdd47bd
4a50736028cb0eafde674b1c1cbb65e6a6c3c8f8fe7eea6c7e856f790c265c3d
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b4b7adc3b64deeb044ce40860115fef78d63f2cb1a44725e118a107d3d05fd6
4b9f14aad2e54ad79df17ebbdefefd5b255e048b1d9fa08132c496ef0e1d7128
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52696f26e772fcaf37a7d2b55dc13c2384941011a23815bbcef63800291c6954
54db486cb5db345a75c3532967f3ccdbc1cc03260c6526ceac88fdf8b5d12ed7
555e424c7edf624d96ef1e56bda6a0bcb0cfee525e373846ebba63864f30aa20
558a1fea9e74e18bcee039e7931af0fbe5c7ee5f0079f57473387ace28f2203e
55bb2eef71870ee77106282e7503bfb448af6c24a9ec9d97b0a65d98212aa4ef
57c864927d9c581cba66b9e26ee948842cc77e1cf211d13d845f6c6ce0daf7be
58d4e8bea5aaecd35708270eee543f8ff2854cc4eb4cf089fbdccf166a16b424
590e9fd3747f1a5f263d7a5ac3ca5c2429ddbfcd6d51b75af09626a4441c9910
5b1503366662f28135d369469f4c750003f4c04f5b80974aa939e094a0c432ae
5b39e6bc8c914a4c1a02fb556f0c84e2b4baa4d45c04a00039e4548da480574d
5b54b041b8e515f5eb4e44bb06160789c6b1df5d552a9b3b9392341a7b038cbc
5b9ebe7d9691a4b523e4a64ce7c5093afbf8f669f5a0a17e69a1876f5170292e
5c45daafa9d150b121863b9b7e746e7bb3a143e8d8ea49287fcdb49193dcb079
5c9daea6d030ac5e71211fa4d1521fb0cd67c3676f35d034f0047ee095a9d8c3
5d59be5e1977f4c4e71c09be994504798af0a6231392df8af241cf72a185bc92
5f212b5a4760aa6c2c8016eddc5cd076c57b8bbde54a6c39d5e35b43e752a614
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
636bbb70e17146ed0d40f1a37db24450d472e593f3193da75412ed89e849b6c8
63acc27dcd80e568abbd96d95e65e925348eb0f5b0750bb559d91d9a2d1d0393
6706bfce24d8f1ee86d5d618d32c800adfdc1099c8fa00550bb30ae9fa8419c5
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
68216ed78f980c63fc2754887d5894211990b8925a9b975e57ec206d5cd52ba8
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
6a25c34cc55d9ea12fbfb931f94f336dcc749de1fc4e556e2372b93d20063ac3
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9a5871523aef5d086116d82eabc5208b0813f52a601b312d6c28c90ef8eabe
6ba5402cef6043213cfd852fc83fce90ca577f637e2063af1c37f61953366995
6c4f3c17a4b949f58d2b51f71745a4236ea1278292ce2b6dbf1a1fe518044463
6d69423bf9d71dff80aedf56a2d6ddac6139dbc75dc80e0c5deb7bcec584344f
6d732fc2c73d2e52cbe583b2e0b23fd8dcb9fd8f3a25bef75c809a4a9b9e66a3
6e6ea38b72668f7977a64ff403eb7d185f51228d15749b397ef3ddce7b3b81da
70deb9da89eb540d2fa684a9306a1bbceb600fb6e4d83bb348b8d4387fb53efa
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73307ce2b78fe8463e45e9b8adde2b2396d1154bdb471be5e56075c4ab34aa41
734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5
73a0bfea558b464f9832e5066d26908b35ae4da8de1fb9eb5431c7d047a25680
74c0f92cf921b0e0c165e4aa0141c4f794d87c28b11977f5f6926f057e5c1d96
74ecfcfe6c9e611b97c12722c96b763c93c54969001ab4d6787df0e2bb2c0e11
783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21
796b7c426168c17fd0cda987277798ded81c6503a920f1fa4a90b946356ccb6b
7c5c759d89dd4e1b4495b53d3a24edb1de99e256e260c74d339d0183cc48ec11
7cab60fc67f0bcbee3307df4852d61ca49e01aeedb908faa3637f6926af993a8
7fed343e409c8fed4497bf726aba31f49710aa088b534acd821f188f7bcefb48
8081c769c2d9191a1ae2bea8b1409784c0a13d70b83bb2f41d41cc22ef2164e7
80e1dc80b8c68a838f91b1d9e9d1235ea367baa2c77bdf2132df8a544d3de78c
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832d8d5a3cabdde474e79d8a510053604d5d19342befbc7b78dc64995652dbba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8347e4fd427970816753600e799b730ea4e0e9eaaf0f296a4489986613ffc3e0
837cc2a7c32ca7976ac13d39a4f1cefae2aee2367b46cb95e46d39ffce5e1aac
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852da19cf10c3fc43a6ab9ab8d3e1b5c59162931b7df7e81db9c4190ce21e024
87475069b20cfb385c2171eb44b8b0af1ca2bde476132fad4c53d82de5af0026
88e5a8dbf7bf2e7cdbd6f3a99e8cf83f8c6b8e27f416643af8dae601784d0556
89bf2cb6713f044775261681cf1080ebacd1f287f92c61dc1fa1cfb37211d175
8ab399aee9f905b5520f293a01cb0a8c207fe9a6cb8167c7ce8307ed799ff234
8b0ffd95ea5a326d9d17b98f4e76b38a0490298b96db5f7a3db5371823e7aeb4
8bfb7593f0870ca5be32bc614714755cc08b17529e8c2e8df55dc76fa79fbefc
8c3d1fdad42634214c048e06d939e06be783e801559b53ddef4752a399856d5d
8d6771c7461194e7ddbf697f831eac6d23f7e38b9d1f8e45b8516ba298d6c7b7
8df8206cdae7eee99465aa071c14d0e1775629fb38107433d8aea6e06bcb3bac
8e4eefbc5f49b129c593c905a9ed2330f65f1cdeb2aa4aff8bb15a82a67533ff
8e8cc72e61ff6f6c0c945a976756d112732c499cd64fc5b207bb213fc84a1e40
8ec6c5b115f5737ef8a927489c8f3f06049c7752fd7ab8b37746ca4a5ce8e39e
8f0f57b973434dab7b055633862ae56f4da7624e1e1e59491e9eb4d4c0559686
90cb6519104e8399a6e7feea9f3b825afc73c87eb9017581da07bef4c584f8ee
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
93d0885e13a1ac4faa990a731665d3a205da31f1d1b5dfe8fb3ca298e63727f7
9423e1d7285e03ace474d412a37ab5708e513636ad1c40ea3478dc2b4221cd9c
947944495de2b8bbe49392067709a3e2ffea85c162f839685e4fe782a4f53f66
9780558ec880072cfd646905e1e3baf8ab910354b7f537f7a6e684595557d9c8
9893949241754aefe6f094e06d476b800b4a35a9a5d3545811053165f54c6135
992bba83c91506222322122d55e57b2a0b966f9e2362ddd604703bac3de4172e
9973fd176a6450ff7e0ed56a7f74d9e9e5f391b982f683e158089ad011cf0c19
99e56450a9a9941d84cb731a453dfaaa613b26104be0bb2bd3b4b9dbfe4f84a2
9a8fd034c62f9ca3a2a61c65aee54bbbfb02b1001653119c21d6b1402126ea52
9b86ceab3181ad0abc55bddbb9804e90b6b2c2d7a663473a6d49132a50ce18a2
9b888dbe0099c87f2a25e1f2f770e222296c2eadd5bd66cb19b51187c38d0220
9ba16734b204f739291ad671b456538673ecb03becba90d492a5377438f1f30e
9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a
9c2209d3c61e1734d3e0b117dfbc2ed043681d106570203697d45880c7d36ee1
9cd43ff140066a60e4a6dfe283ed72ee83eea9deb619a5510e2696d515ec3d02
9d4d616940d411a94537e925458bb37ec3538e07e9203579cd261a52d1659f6e
9e19578d2ab4a5812d27240dfbe5b2f90231958b1acf3f5e03371893037dee57
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a25dc05cd9fee8fbe397554eb7d22573b0a2930e6b883d2ae5931702e762aa4f
a2a873a3d48182cb8251da66c51ba8a93a7d42c6e103ba8a94a17d4109320479
a4702a77ebe38f4291b9ec9f44411e246c865bdf0070746852e803b4d960fc1c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c0938e087a40c05a99d723eaf012958e03b048659bed9b36a2bc63f766d32b
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a5fbbce9960ebd724c035b23c1f9ee31f9cd44ee2d0202af19afe01e01b29d23
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7a0a9e194863e5bfee21f7a50e3c4a3224cb2aa5af9e6a95fe342d5699b67cb
a9a4ad0f823bd853e0fc15c2c7985d3405e62b6a5ce37a36c54cde2f91aef94c
ab720a0d7cb0410647be54a7b5b6397479d57a94a78358bcab0b0151db693b62
ac3a92c14118d102cacd87e2685f762787820943829d2ba3ecbdbf942282e698
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acfb4a6c89ae97ac13b3c8fb69f96205546f3cf96d1d406caa1861eec6f13c94
aeb1eafffa5088380d9eee07e9d57a123f3b12704079349bbb281f7e7d7b426c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af951c3184dc81e0e9afc593069302843e1b585005eed95d286cb27b4fcdae8f
afba6e308182b28f02233e3c816e99fe5cc51511f90cab2cc6219d652f14f3a6
b0abe9a4ff6d09f8bd1b06cdd4651b72a3963891356ec5915cfcf5105fa4229d
b0bc3071744d4f400c2be998637df4f4970a3347a703b98b4ee090f6396a80b5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e4ab0f93e6e2c8a18fbf2a8f263b791f904a3538676487f0431f3396dfb69c
b3154089faaf8ff378de339de9cee5e6be03cbc67645e8c61ec0ee8d747a6369
b3d9a37c3110d0d5edf534a4dd964bb85d8661820e4c39e4c63c96bd2813b726
b48cd5eb38e1f0cdb006c24936622127a941296716987a568c2c400b7c4305fe
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b775ef845d29960dc9db01ba33356d700864ee38b9b15988c1f0e8fbbdaf0749
b83531b52ab388ca2e41c92b3e5916127ed04b6286cbe1192c802640beeb078a
b8f2f0a8d142f55cd42774ec998ba8aefd02c7e68780cb506cccd27852e5e3a3
b959f68d67a202a0bd97233ffbee66a646a248bb58a3e2c5983c8f3d2f98c71c
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506
bcfa2c5bb3eedb637c6eaba7508f749869a69ccbd72e33885e07b37f1c88bc90
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
bf881207f0c51a462aaa8e58979f0c287b8ae26bd0c13422914e44b684e4ab9b
c08e7ce5d44324cb153d898ae9b1280deb97f608f42f3d43e1f05520f8330046
c0b5329aa0c88c218e906ad2600cbea4cf7bfffaef17a9274a634046e897dc3c
c1d464e893bf9a1014dd85f3cabae0091fc87a4daca2c8908f28c46d1573956d
c2015d08cf877ee0e5feb420c465fc70cff1b10c244e3bf6b9ce00131d542c3c
c212c3df3e7e5446bc8caf716f126f43fc09788db0517a17e0ab4c629d7c30f7
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
c8ec2e2e93b72743364006e9a53e1846f895ff2cebf0fc48fb381535771d88a3
cc33068463b75ac7fad0d842a236d8d2ed2a74cb708b7a4d59fb1d62a2bd7ace
ccdbe7d833507569fab5da9f6139875ad8eeee6d3ee5dc115639d311214f5a06
ce0de76b55d0fe412f363d6d56725c46de31db84b8c65f4cdc56243b9339e315
ce129b6f1649df805159a3e103cca5c514b5ad91e56044bc540e9bf47069c3e2
ce2515141162cbee9958063597c1ca92cf13a2fd6a1f4c98284a6e2a3122f4a5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7999ade59d216aa88a40cb343810e7a85f0ccd7a1042e71a82053b59ee52cd
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32
d1fdc83f40b6872fbf82ad027168954ccaa7eee12c7e6fcbe52e26c36bf915de
d20865ab544e7dab6a0553034edc5845335cd7c23375745db9a755c532311463
d38f40f22b54edbf7c0e0b6904e0fc7b7e48ef6cf6a0fa42b11335e0045c09a6
d516bbb0b739b30b7e19a037c80eb8ac78f9152c2aeac8f94ff0e606382d486d
d518bbaf6d084b4d7b030c55b630957ac86019a289f318495a4487b606530d4a
d51a6d988d8f649833568ed3caa740dc98e9aa4e50037b7915925a0bab735aec
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
d62a09f71bfa7bb41290bd6327a32c90048e98aff97d41b8214e0fc73f71825c
d632418dd0721e653de546c8c3f5cd8ef9c89724a2fd68ccfefc96cba9618ffb
d6542b021af6e6e33e9384b6ee9376a78014297e9eb978ee4c19f8a55b7ab36b
d6e0fd2a5540d8a26bbc2f2868a5ddfc300137e6bf05a581b7bf918f9e8a6ba1
d8c294c3ede2b083651be1c300ef0e9f596a9c92947eaa05189702689a028bd9
d99bf1ea70a90213bc28437d4413da189cf244d2b80fba2ccb42de0b3d639727
db112ee5252a8e97845314defa73060bd5001625b6c58c2baf181d520c5372e1
dbfec1092cec5896dd0445cdbc88bc6e0b4bea79f525b2995af2a1ba015a44db
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de81d40a2a2d613f79a2936368eb73667bcc627ac191cfe563404cbb4a8dc6af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfc6e59a65fb7a748ab735720994ccee9951dd6b478ec36f38043ea546a8c37c
dfcf7f1b2d25673769aac07fc4a7ee2aed0c6566ac467c6317ea4c30f34808d2
e10ef464497dc7fa51496695a915739386ea0056641ed3d1e0d9f6d839c83cba
e11352fb308b7f24ff6508761675841a5230951c55fd53a28cd06fccdea1d1d5
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e36e842af5f12bbadd9c73fbf17e12e2276023449e50fd704bcffd01cff53568
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e5b2a278c1ab02a90127fd8191dd79159eefcc5bcda3b45b4945faf2776e979f
e65cdb120ecd176ef87ddbbc328a7aef97a63dab7f4192d4b2d10af60552b33b
e66423fe9b56f0133b0063009b4263343577bad6a36da5a6ec4b1601ba70bf8d
e7df3462f83fb056fb3a63ae58b58146ed709812948fc954f09aede85bcc1e37
e8a8bfd48be42879e71dfa12045fd8f41964e162065e2818214995c2ed0d1eac
e8ce4a0a32c830a6051b2907482e3122be8ad51d495ed58b238c68502b5eb8cf
e9ea13048b57a6cc1364b0ef66887fb5d96f7c8dd2aa37e2d4afcec04d83bab8
eb2064b611a9261b7c42e4dbe8eb5490dc146a9de6989bbd3e46f6e0ddc5f445
eba6e0ef3aa77db65a6692230e363f25971c07192d1cc3bdb95d4fcee1947a8c
edaa073809f6fff199566dc364ddbb6672100d5c4516f519df7ba5db7f60264e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef65c8f34b2bd3c46ee745a69e0bf90744d3499a23e3e3849eb138b62f81f99c
f091002bad9948e083bf04fe03ce488e6cd253af0f36774ed96ad80735311b82
f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a
f3867a2e3c3d638766fa04292140afcebce0199f5b2e544af9e7da35bc9d03ca
f3bca498f4fa68a5d099135c6b44322e22aa62e509f59fc294d9e53d38475374
f3f662e23645b1b81aaf6eb5901cc9162dc0316b2b48a735c2761493e8ecf1f3
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090
f757d30328eecfe07e7a011c472595defefb3d9d042f56796f9730a60e9019cc
fccfc2adbaf4c09789fb82e050b803ee7916a51dc80dac2d3b61b105d8c2a40e
fd606387c639b2f58b245b2955d113fc034eb78cc6ec43f361d58a9acce019dc
fd6d343c560c20611901e4c09e6f4da827fdb5957d2e4e2d3047c2e5804d4e6b
fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a
fe65e5ed6a0ff0440efc6b64cdcc556eeda097c65d9e1cfdade8863865814fed
fe797578273ad8327b58a0aaab2600e9623f150f4fc8325d3c2a340d3afff3cd
feb699f2436da757a393d59244dc7a76173977b9df919ed97f6c48968c71085f
fefaf3477432f0f3cd7e9d9d744c93e27b44c7d058db0de75e7bbc2015f2c4fa

www.gazetadopovo.com.br Open in urlscan Pro 2600:9000:20eb:ec00:6:45ad:3580:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

483 Requests

99 %HTTPS

65 %IPv6

44 Domains

85 Subdomains

80 IPs

8 Countries

7064 kBTransfer

17282 kBSize

13 Cookies

81 Outgoing links

Page URL History

Redirected requests

483 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gazetadopovo.com.br Open in urlscan Pro
2600:9000:20eb:ec00:6:45ad:3580:93a1 Public Scan

Screenshot
Live screenshot

Full Image

483
Requests

99 %
HTTPS

65 %
IPv6

44
Domains

85
Subdomains

80
IPs

8
Countries

7064 kB
Transfer

17282 kB
Size

13
Cookies

483 HTTP transactions
6 data transactions