urlscan.io logo urlscan.io
SecurityTrails logo

www.correiodopovo.com.br Open in urlscan Pro
194.126.175.195  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://correiodopovo.com.br/
Effective URL: https://www.correiodopovo.com.br/
Submission Tags: krdprod
Submission: On May 30 via api from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 119 IPs in 14 countries across 89 domains to perform 706 HTTP transactions. The main IP is 194.126.175.195, located in Amsterdam, Netherlands and belongs to HVC-AS, US. The main domain is www.correiodopovo.com.br.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 29th 2020. Valid for: a year.
This is the only time www.correiodopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 189.16.116.12 4230 (CLARO S.A.)
118 194.126.175.195 29802 (HVC-AS)
4 2a00:1450:400... 15169 (GOOGLE)
13 142.250.181.226 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2.16.186.105 20940 (AKAMAI-ASN1)
2 2.16.186.113 20940 (AKAMAI-ASN1)
1 1 2a03:2880:f21... 32934 (FACEBOOK)
1 2 2a03:2880:f21... 32934 (FACEBOOK)
13 52.1.252.251 14618 (AMAZON-AES)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2.18.232.111 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.192.67.210 14618 (AMAZON-AES)
1 5 13.226.159.116 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
22 199.232.137.44 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 35.201.123.184 15169 (GOOGLE)
1 2600:9000:218... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.23.208.81 16509 (AMAZON-02)
13 199.187.193.165 47043 (SMARTADSE...)
15 200.198.173.170 7465 (PROCERGS)
1 23 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.193.181 54113 (FASTLY)
7 34.102.185.99 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
19 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
9 185.184.10.30 203690 (RTB-HOUSE...)
9 178.250.0.165 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 143.204.98.31 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 185.33.221.88 29990 (ASN-APPNEX)
4 35.157.246.167 16509 (AMAZON-02)
6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 213.254.244.23 36062 (DOUBLE-VE...)
1 34.252.41.130 16509 (AMAZON-02)
1 2 142.250.186.38 15169 (GOOGLE)
1 2600:9000:218... 16509 (AMAZON-02)
1 3.232.160.141 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 10 141.226.228.48 200478 (TABOOLA-AS)
2 2 2.19.35.65 16625 (AKAMAI-AS)
4 104.111.230.142 16625 (AKAMAI-AS)
4 16 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.234.139.177 14618 (AMAZON-AES)
1 104.244.42.136 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 6 69.173.144.165 26667 (RUBICONPR...)
1 130.211.115.4 15169 (GOOGLE)
3 2600:1901:0:7... 15169 (GOOGLE)
26 2606:4700:20:... 13335 (CLOUDFLAR...)
42 2a00:1450:400... 15169 (GOOGLE)
13 2606:4700:20:... 13335 (CLOUDFLAR...)
6 6 18.193.131.224 16509 (AMAZON-02)
10 43 142.250.185.162 15169 (GOOGLE)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 159.253.128.188 36351 (SOFTLAYER)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 104.111.237.88 16625 (AKAMAI-AS)
2 2 52.58.117.74 16509 (AMAZON-02)
3 6 2001:678:cb4:... 56396 (TURN)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 4 13.248.242.197 16509 (AMAZON-02)
4 5 216.52.2.39 30282 (AS-INAPCD...)
4 4 18.156.0.31 16509 (AMAZON-02)
6 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 185.86.138.131 201081 (SMARTADSE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:215... 16509 (AMAZON-02)
1 35.156.106.231 16509 (AMAZON-02)
1 54.89.32.238 14618 (AMAZON-AES)
4 2a02:2638::3 44788 (ASN-CRITE...)
2 2 18.156.12.32 16509 (AMAZON-02)
1 2 34.98.64.218 15169 (GOOGLE)
2 2 188.42.191.196 7979 (SERVERS-COM)
1 52.203.172.63 14618 (AMAZON-AES)
1 2 198.148.27.139 19189 (PULSEPOINT)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 185.86.138.143 201081 (SMARTADSE...)
1 18.195.155.181 16509 (AMAZON-02)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 1 139.162.117.143 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
3 3 3.120.52.76 16509 (AMAZON-02)
2 2 18.194.4.26 16509 (AMAZON-02)
1 141.226.124.202 200478 (TABOOLA-AS)
1 141.226.124.236 200478 (TABOOLA-AS)
1 141.226.124.204 200478 (TABOOLA-AS)
1 141.226.124.225 200478 (TABOOLA-AS)
1 141.226.124.210 200478 (TABOOLA-AS)
1 141.226.124.240 200478 (TABOOLA-AS)
1 141.226.124.194 200478 (TABOOLA-AS)
1 141.226.124.198 200478 (TABOOLA-AS)
1 2a04:4e42:600... 54113 (FASTLY)
1 1 2620:119:50e1... 14413 (LINKEDIN)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 1 13.226.159.129 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 81.222.128.216 20597 (ELTEL-AS)
1 66.155.71.25 13768 (COGECO-PEER1)
1 1 159.65.196.12 14061 (DIGITALOC...)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 52.58.206.142 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 18.158.174.89 16509 (AMAZON-02)
1 141.226.224.32 200478 (TABOOLA-AS)
1 2a04:4e42:3::621 54113 (FASTLY)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
6 104.111.239.217 16625 (AKAMAI-AS)
9 46.236.13.147 24931 (DEDIPOWER)
6 13.226.159.60 16509 (AMAZON-02)
3 81.29.72.47 24931 (DEDIPOWER)
6 54.73.127.151 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
706 119
12    189.16.116.12 (Brazil)

ASN4230 (CLARO S.A., BR)
correiodopovo.com.br
portal.correiodopovo.com.br
118    194.126.175.195 (Amsterdam, Netherlands)

ASN29802 (HVC-AS, US)
PTR: 194-126-175-195.static.hvvc.us
www.correiodopovo.com.br
4    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
9    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
1    2.16.186.105 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-105.deploy.static.akamaitechnologies.com
ced.sascdn.com
2    2.16.186.113 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-113.deploy.static.akamaitechnologies.com
tagmanager.smartadserver.com
1    2a03:2880:f21c:81c4:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
platform.instagram.com
2    2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
13    52.1.252.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
wfpscripts.webspectator.com
cdn.webspectator.com
11    2606:4700:10::6816:5a5 (United States)

ASN13335 (CLOUDFLARENET, US)
v3.denakop.com
6    2.18.232.111 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-111.deploy.static.akamaitechnologies.com
barra.r7.com
cms-media-api.r7.com
snippets.r7.com
img.r7.com
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:20::ac43:450e (United States)

ASN13335 (CLOUDFLARENET, US)
plugins.soclminer.com.br
1    2606:4700::6810:ff3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    34.192.67.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
webservices.webspectator.com
5    13.226.159.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-116.dus51.r.cloudfront.net
sb.scorecardresearch.com
2    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
22    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
c2.taboola.com
nr-events.taboola.com
trc.taboola.com
images.taboola.com
match.taboola.com
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
16    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
ssl.gstatic.com
37    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
d.tailtarget.com
tags.t.tailtarget.com
1    2600:9000:2182:de00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    3.23.208.81 (Columbus, United States)

ASN16509 (AMAZON-02, US)
receiver.posclick.dinamize.com
13    199.187.193.165 (Canada)

ASN47043 (SMARTADSERVER, CA)
www5.smartadserver.com
15    200.198.173.170 (Pinheiro Machado, Brazil)

ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR)
vacina.saude.rs.gov.br
23    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    151.101.193.181 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
7    34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
d.t.tailtarget.com
tt-9964-3.seg.t.tailtarget.com
b.t.tailtarget.com
cm.t.tailtarget.com
t.tailtarget.com
8    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
19    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
www.youtube.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
9    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
9    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
2    143.204.98.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-31.fra50.r.cloudfront.net
stg.truvidplayer.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
3    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
4    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
6    2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
creatives.sascdn.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    213.254.244.23 (United States)

ASN36062 (DOUBLE-VERIFY, US)
tps.doubleverify.com
1    34.252.41.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
2    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
ad.doubleclick.net
1    2600:9000:2182:b600:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)
go.trvdp.com
1    3.232.160.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
digital2.correiodopovo.com.br
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.se
5    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
4    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
yt3.ggpht.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
10    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
2    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
16    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    34.234.139.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
msgws.webspectator.com
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
12    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2600:9000:2156:f800:d:3c0f:bcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.trvdp.com
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
data.ad-score.com
3    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
26    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
42    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
13    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
6    18.193.131.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
43    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
4    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
gcm.ctnsnet.com
2    104.111.237.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-88.deploy.static.akamaitechnologies.com
tracking.m6r.eu
2    52.58.117.74 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
6    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
r.turn.com
3    2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
4    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
5    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
ce.lijit.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
ad4mat.net
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    185.86.138.131 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2600:9000:2156:4200:16:9bc3:4a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
vid870.trvdp.com
1    35.156.106.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-106-231.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    54.89.32.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
p.trvdp.com
4    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    18.156.12.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
u.openx.net
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    52.203.172.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
jadserve.postrelease.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    185.86.138.143 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
e1.emxdgt.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    139.162.117.143 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1601-143.members.linode.com
s.c.appier.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
3    3.120.52.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    18.194.4.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
a.sportradarserving.com
1    141.226.124.202 (Israel)

ASN200478 (TABOOLA-AS, IL)
t1.taboola.com
1    141.226.124.236 (Israel)

ASN200478 (TABOOLA-AS, IL)
t2.taboola.com
1    141.226.124.204 (Israel)

ASN200478 (TABOOLA-AS, IL)
t3.taboola.com
1    141.226.124.225 (Israel)

ASN200478 (TABOOLA-AS, IL)
t4.taboola.com
1    141.226.124.210 (Israel)

ASN200478 (TABOOLA-AS, IL)
t5.taboola.com
1    141.226.124.240 (Israel)

ASN200478 (TABOOLA-AS, IL)
t6.taboola.com
1    141.226.124.194 (Israel)

ASN200478 (TABOOLA-AS, IL)
t7.taboola.com
1    141.226.124.198 (Israel)

ASN200478 (TABOOLA-AS, IL)
t8.taboola.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    13.226.159.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-129.dus51.r.cloudfront.net
s.ad.smaato.net
2    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
ssp.adriver.ru
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    52.58.206.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.360yield.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
1    18.158.174.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.sharethrough.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
8    2606:4700:10::6816:335d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.datatables.net
3    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
6    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
9    46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
6    13.226.159.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-60.dus51.r.cloudfront.net
analytics.webgains.io
analytics-wg.webgains.io
3    81.29.72.47 (Croydon, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net
diapi.webgains.com
6    54.73.127.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
api.webgains.io
6    2a00:1450:4001:813::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
w-it.m-t.io
Apex Domain
Subdomains		 Transfer
131 correiodopovo.com.br
correiodopovo.com.br
www.correiodopovo.com.br
portal.correiodopovo.com.br
digital2.correiodopovo.com.br
2 MB
89 googlesyndication.com
pagead2.googlesyndication.com
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
tpc.googlesyndication.com
1 MB
73 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
ad.doubleclick.net
stats.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
208 KB
42 taboola.com
cdn.taboola.com
c2.taboola.com
nr-events.taboola.com
trc.taboola.com
images.taboola.com
trc-events.taboola.com
sync.taboola.com
match.taboola.com
sync-t1.taboola.com
t1.taboola.com
t2.taboola.com
t3.taboola.com
t4.taboola.com
t5.taboola.com
t6.taboola.com
t7.taboola.com
t8.taboola.com
pips.taboola.com
cds.taboola.com
253 KB
39 ad4m.at
ad4m.at
as.ad4m.at
assets.ad4m.at
1 MB
33 google.com
apis.google.com
adservice.google.com
accounts.google.com
www.google.com
255 KB
19 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
www.gstatic.com
213 KB
18 youtube.com
www.youtube.com
804 KB
17 smartadserver.com
tagmanager.smartadserver.com
www5.smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
226 KB
16 webspectator.com
wfpscripts.webspectator.com
webservices.webspectator.com
msgws.webspectator.com
cdn.webspectator.com
118 KB
15 saude.rs.gov.br
vacina.saude.rs.gov.br
1 MB
13 googletagservices.com
www.googletagservices.com
423 KB
12 webgains.io
analytics.webgains.io
api.webgains.io
analytics-wg.webgains.io
315 KB
12 webgains.com
track.webgains.com
diapi.webgains.com
296 KB
12 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
23 KB
11 criteo.com
bidder.criteo.com
dis.criteo.com
gum.criteo.com
2 KB
11 tailtarget.com
d.tailtarget.com
d.t.tailtarget.com
tags.t.tailtarget.com
tt-9964-3.seg.t.tailtarget.com
b.t.tailtarget.com
cm.t.tailtarget.com
t.tailtarget.com
38 KB
11 denakop.com
v3.denakop.com
76 KB
10 yahoo.com
c2shb.ssp.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
7 KB
9 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
ad4mat.net
9 creativecdn.com
prebid-us.creativecdn.com
2 KB
9 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
125 KB
8 datatables.net
cdn.datatables.net
24 KB
7 google.de
adservice.google.de
www.google.de
882 B
7 sascdn.com
ced.sascdn.com
ced-ns.sascdn.com
creatives.sascdn.com
392 KB
6 m-t.io
w-it.m-t.io
580 B
6 awin1.com
www.awin1.com
4 KB
6 turn.com
ad.turn.com
r.turn.com
3 KB
6 w55c.net
pm.w55c.net
5 KB
6 googleadservices.com
partner.googleadservices.com
531 B
6 r7.com
barra.r7.com
cms-media-api.r7.com
snippets.r7.com
img.r7.com
28 KB
5 lijit.com
ap.lijit.com
ce.lijit.com
3 KB
5 trvdp.com
go.trvdp.com
s.trvdp.com
vid870.trvdp.com
p.trvdp.com
239 KB
5 scorecardresearch.com
sb.scorecardresearch.com
3 KB
4 cloudflare.com
cdnjs.cloudflare.com
679 KB
4 criteo.net
static.criteo.net
107 KB
4 adsrvr.org
match.adsrvr.org
1 KB
4 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
2 KB
4 facebook.com
www.facebook.com
459 B
4 facebook.net
connect.facebook.net
162 KB
4 googletagmanager.com
www.googletagmanager.com
159 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 pubmatic.com
simage2.pubmatic.com
image6.pubmatic.com
2 KB
3 dotomi.com
dclk-match.dotomi.com
310 B
3 adnxs.com
ib.adnxs.com
4 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
132 KB
3 google-analytics.com
www.google-analytics.com
19 KB
3 instagram.com
platform.instagram.com
www.instagram.com
5 KB
2 2mdn.net
s0.2mdn.net
468 B
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 contextweb.com
bh.contextweb.com
819 B
2 betweendigital.com
ads.betweendigital.com
955 B
2 openx.net
u.openx.net
504 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 3lift.com
eb2.3lift.com
933 B
2 m6r.eu
tracking.m6r.eu
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 truvidplayer.com
stg.truvidplayer.com
5 KB
2 jsdelivr.net
cdn.jsdelivr.net
7 KB
2 perfectmarket.com
widget.perfectmarket.com
32 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
1 sharethrough.com
match.sharethrough.com
355 B
1 e-volution.ai
rtb2-useast.e-volution.ai
233 B
1 360yield.com
match.360yield.com
302 B
1 bidtheatre.com
match.adsby.bidtheatre.com
565 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 adriver.ru
ssp.adriver.ru
340 B
1 smaato.net
s.ad.smaato.net
432 B
1 adition.com
dsp.adfarm1.adition.com
584 B
1 linkedin.com
px.ads.linkedin.com
728 B
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
362 B
1 emxdgt.com
e1.emxdgt.com
59 B
1 postrelease.com
jadserve.postrelease.com
427 B
1 advertising.com
pixel.advertising.com
1 ctnsnet.com
gcm.ctnsnet.com
478 B
1 ad-score.com
data.ad-score.com
729 B
1 ytimg.com
i.ytimg.com
22 KB
1 ggpht.com
yt3.ggpht.com
2 KB
1 google.se
adservice.google.se
799 B
1 krxd.net
beacon.krxd.net
338 B
1 doubleverify.com
tps.doubleverify.com
395 B
1 dinamize.com
receiver.posclick.dinamize.com
24 KB
1 quantcount.com
rules.quantcount.com
430 B
1 navdmp.com
tag.navdmp.com
3 KB
1 soclminer.com.br
plugins.soclminer.com.br
32 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 wbtrk.net Failed
um.wbtrk.net Failed
706 89
Domain Requested by
118 www.correiodopovo.com.br www.correiodopovo.com.br
45 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
www.correiodopovo.com.br
43 cm.g.doubleclick.net 10 redirects www.correiodopovo.com.br
googleads.g.doubleclick.net
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
39 pagead2.googlesyndication.com www.correiodopovo.com.br
pagead2.googlesyndication.com
ced-ns.sascdn.com
googleads.g.doubleclick.net
portal.correiodopovo.com.br
tpc.googlesyndication.com
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
www.googletagservices.com
19 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
www.correiodopovo.com.br
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
18 assets.ad4m.at as.ad4m.at
18 www.youtube.com www.correiodopovo.com.br
www.youtube.com
apis.google.com
16 www.google.com 4 redirects www.correiodopovo.com.br
www.youtube.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
15 ad4m.at googleads.g.doubleclick.net
ad4m.at
15 vacina.saude.rs.gov.br www.correiodopovo.com.br
vacina.saude.rs.gov.br
13 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
13 www5.smartadserver.com ced.sascdn.com
12 wfpscripts.webspectator.com www.correiodopovo.com.br
webservices.webspectator.com
wfpscripts.webspectator.com
11 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
11 portal.correiodopovo.com.br www.correiodopovo.com.br
pagead2.googlesyndication.com
11 v3.denakop.com www.correiodopovo.com.br
v3.denakop.com
10 cdn.taboola.com www.correiodopovo.com.br
cdn.taboola.com
9 track.webgains.com as.ad4m.at
analytics.webgains.io
9 bidder.criteo.com tagmanager.smartadserver.com
v3.denakop.com
9 prebid-us.creativecdn.com tagmanager.smartadserver.com
v3.denakop.com
9 apis.google.com www.correiodopovo.com.br
apis.google.com
accounts.google.com
www.youtube.com
8 cdn.datatables.net vacina.saude.rs.gov.br
7 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
7 securepubads.g.doubleclick.net www.correiodopovo.com.br
securepubads.g.doubleclick.net
7 fonts.googleapis.com www.correiodopovo.com.br
vacina.saude.rs.gov.br
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
tpc.googlesyndication.com
6 w-it.m-t.io analytics-wg.webgains.io
6 api.webgains.io analytics.webgains.io
6 www.awin1.com as.ad4m.at
6 as.ad4m.at ad4m.at
as.ad4m.at
6 sync.taboola.com 2 redirects www.correiodopovo.com.br
6 pm.w55c.net 6 redirects
6 ssl.gstatic.com accounts.google.com
www.correiodopovo.com.br
6 adservice.google.de pagead2.googlesyndication.com
6 partner.googleadservices.com pagead2.googlesyndication.com
5 creatives.sascdn.com www.correiodopovo.com.br
5 da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 sb.scorecardresearch.com 1 redirects wfpscripts.webspectator.com
www.correiodopovo.com.br
4 cdnjs.cloudflare.com vacina.saude.rs.gov.br
4 static.criteo.net v3.denakop.com
static.criteo.net
tagmanager.smartadserver.com
4 ups.analytics.yahoo.com 4 redirects
4 ap.lijit.com 4 redirects
4 match.adsrvr.org 2 redirects googleads.g.doubleclick.net
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
4 pixel.rubiconproject.com 3 redirects www.correiodopovo.com.br
4 eus.rubiconproject.com www5.smartadserver.com
eus.rubiconproject.com
s.trvdp.com
4 images.taboola.com www.correiodopovo.com.br
4 c2shb.ssp.yahoo.com v3.denakop.com
4 trc.taboola.com cdn.taboola.com
www.correiodopovo.com.br
4 www.facebook.com www.correiodopovo.com.br
connect.facebook.net
4 connect.facebook.net www.correiodopovo.com.br
connect.facebook.net
4 www.googletagmanager.com www.correiodopovo.com.br
www.googletagmanager.com
vacina.saude.rs.gov.br
tags.t.tailtarget.com
3 analytics-wg.webgains.io analytics.webgains.io
3 diapi.webgains.com track.webgains.com
3 analytics.webgains.io track.webgains.com
3 x.bidswitch.net 3 redirects
3 ad4mat.net ad4m.at
3 static-de.ad4mat.net ad4m.at
3 dclk-match.dotomi.com googleads.g.doubleclick.net
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
3 r.turn.com googleads.g.doubleclick.net
www.correiodopovo.com.br
3 ad.turn.com 3 redirects
3 prod-rtb.ad4mat.net www.correiodopovo.com.br
3 ib.adnxs.com 1 redirects v3.denakop.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 d.tailtarget.com v3.denakop.com
www.correiodopovo.com.br
d.tailtarget.com
3 barra.r7.com www.correiodopovo.com.br
2 b.t.tailtarget.com d.tailtarget.com
2 tt-9964-3.seg.t.tailtarget.com d.tailtarget.com
2 image6.pubmatic.com 2 redirects
2 s0.2mdn.net da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
2 a.sportradarserving.com 2 redirects
2 sync-t1.taboola.com www.correiodopovo.com.br
2 bh.contextweb.com 1 redirects www.correiodopovo.com.br
2 ads.betweendigital.com 2 redirects
2 u.openx.net 1 redirects www.correiodopovo.com.br
2 rtb.mfadsrvr.com 2 redirects
2 vid870.trvdp.com www.correiodopovo.com.br
2 pr-bh.ybp.yahoo.com 2 redirects
2 eb2.3lift.com 2 redirects
2 tracking.m6r.eu 2 redirects
2 um.simpli.fi 2 redirects
2 s.tribalfusion.com googleads.g.doubleclick.net
www.correiodopovo.com.br
2 a.tribalfusion.com 2 redirects
2 token.rubiconproject.com eus.rubiconproject.com
2 www.gstatic.com www.youtube.com
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
2 secure-assets.rubiconproject.com 2 redirects
2 trc-events.taboola.com www.correiodopovo.com.br
2 ad.doubleclick.net 1 redirects www.correiodopovo.com.br
2 platform.twitter.com www.correiodopovo.com.br
platform.twitter.com
2 stg.truvidplayer.com www.correiodopovo.com.br
go.trvdp.com
2 nr-events.taboola.com c2.taboola.com
www.correiodopovo.com.br
2 cdn.jsdelivr.net tagmanager.smartadserver.com
vacina.saude.rs.gov.br
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 webservices.webspectator.com wfpscripts.webspectator.com
webservices.webspectator.com
2 www.instagram.com 1 redirects www.correiodopovo.com.br
2 tagmanager.smartadserver.com www.correiodopovo.com.br
tagmanager.smartadserver.com
1 t.tailtarget.com
1 cm.t.tailtarget.com
1 cdn.webspectator.com wfpscripts.webspectator.com
1 gum.criteo.com static.criteo.net
1 cds.taboola.com cdn.taboola.com
1 match.sharethrough.com 1 redirects
1 rtb2-useast.e-volution.ai da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
1 match.360yield.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
1 ssp.adriver.ru 1 redirects
1 s.ad.smaato.net 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 pips.taboola.com cdn.taboola.com
1 t8.taboola.com cdn.taboola.com
1 t7.taboola.com cdn.taboola.com
1 t6.taboola.com cdn.taboola.com
1 t5.taboola.com cdn.taboola.com
1 t4.taboola.com cdn.taboola.com
1 t3.taboola.com cdn.taboola.com
1 t2.taboola.com cdn.taboola.com
1 t1.taboola.com cdn.taboola.com
1 bttrack.com www.correiodopovo.com.br
1 s.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com www.correiodopovo.com.br
1 rtb-csync.smartadserver.com www.correiodopovo.com.br
1 ce.lijit.com www.correiodopovo.com.br
1 simage2.pubmatic.com www.correiodopovo.com.br
1 jadserve.postrelease.com www.correiodopovo.com.br
1 match.taboola.com www.correiodopovo.com.br
1 p.trvdp.com www.correiodopovo.com.br
1 pixel.advertising.com www.correiodopovo.com.br
1 imasdk.googleapis.com s.trvdp.com
1 ssbsync.smartadserver.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 data.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 syndication.twitter.com platform.twitter.com
1 msgws.webspectator.com wfpscripts.webspectator.com
1 www.google.de www.correiodopovo.com.br
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.se securepubads.g.doubleclick.net
1 digital2.correiodopovo.com.br portal.correiodopovo.com.br
1 go.trvdp.com stg.truvidplayer.com
1 beacon.krxd.net www.correiodopovo.com.br
1 tps.doubleverify.com www.correiodopovo.com.br
1 ajax.googleapis.com webservices.webspectator.com
1 img.r7.com www.correiodopovo.com.br
1 ced-ns.sascdn.com www5.smartadserver.com
1 snippets.r7.com barra.r7.com
1 tags.t.tailtarget.com www.correiodopovo.com.br
1 accounts.google.com apis.google.com
1 pixel.quantserve.com www.correiodopovo.com.br
1 d.t.tailtarget.com d.tailtarget.com
1 receiver.posclick.dinamize.com www.googletagmanager.com
1 rules.quantcount.com secure.quantserve.com
1 cms-media-api.r7.com barra.r7.com
1 c2.taboola.com www.correiodopovo.com.br
1 secure.quantserve.com wfpscripts.webspectator.com
1 tag.navdmp.com www.correiodopovo.com.br
1 plugins.soclminer.com.br www.correiodopovo.com.br
1 platform.instagram.com 1 redirects
1 ced.sascdn.com www.correiodopovo.com.br
1 correiodopovo.com.br 1 redirects
0 google2waycm.netmng.com Failed da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
0 pixel.tapad.com Failed
0 um.wbtrk.net Failed googleads.g.doubleclick.net
706 166
Subject Issuer Validity Valid
*.correiodopovo.com.br
Go Daddy Secure Certificate Authority - G2		 2020-07-29 -
2021-07-29		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.sascdn.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
*.smartadserver.com
DigiCert Secure Site ECC CA-1		 2020-10-14 -
2021-11-11		 a year crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-05-02 -
2021-07-31		 3 months crt.sh
*.webspectator.com
Go Daddy Secure Certificate Authority - G2		 2020-05-12 -
2021-07-11		 a year crt.sh
denakop.com
Cloudflare Inc ECC CA-3		 2021-01-14 -
2022-01-13		 a year crt.sh
*.r7.com
DigiCert SHA2 Secure Server CA		 2021-02-26 -
2022-03-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-18 -
2021-07-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-25		 a year crt.sh
receiver.posclick.dinamize.com
R3		 2021-05-13 -
2021-08-11		 3 months crt.sh
*.saude.rs.gov.br
AlphaSSL CA - SHA256 - G2		 2020-11-12 -
2021-12-14		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-05-18 -
2022-03-26		 10 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
accounts.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.truvidplayer.com
Amazon		 2021-02-17 -
2022-03-18		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
*.doubleverify.com
Network Solutions OV Server CA 2		 2019-11-05 -
2021-12-13		 2 years crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.trvdp.com
Amazon		 2020-10-23 -
2021-11-22		 a year crt.sh
*.google.se
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2020-09-02 -
2021-10-04		 a year crt.sh
*.ad4mat.net
AlphaSSL CA - SHA256 - G2		 2019-08-06 -
2021-09-08		 2 years crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-09-14 -
2021-09-14		 a year crt.sh
www.awin1.com
DigiCert Secure Site ECC CA-1		 2020-04-21 -
2021-07-21		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
w-it.m-t.io
GTS CA 1D4		 2021-04-09 -
2021-07-09		 3 months crt.sh

This page contains 74 frames:

Primary Page: https://www.correiodopovo.com.br/
Frame ID: 6E2866876C0E77D4CD4815B9DFAAC594
Requests: 330 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Frame ID: A0C346592A214AAA3B6360C64B9142BF
Requests: 1 HTTP requests in this frame

Frame: https://d.tailtarget.com/profiles.js
Frame ID: 8E55D999506DF26B82725FDC0B0FD395
Requests: 2 HTTP requests in this frame

Frame: https://vacina.saude.rs.gov.br/
Frame ID: BAEF274CCD7F967563F0A4F7261C0C8D
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1622383579&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A134217856%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383578941&bpp=5&bdt=591&idt=214&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5858417810452&frm=20&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383579&ga_hid=1420106494&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=488355705424272&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248
Frame ID: 640D11E7082A7E2367FB13838DB79EF4
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Frame ID: 9BB293AE9176A8DD3ABB26FC7CF4F73B
Requests: 3 HTTP requests in this frame

Frame: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Frame ID: 26ADE1A52B5A88661C66B5CEA8D52798
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Frame ID: 532ACB286F7B7AB5800A3246B36DEDAC
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Frame ID: 4CD1DD579B2210810ACDFF84E9831EB3
Requests: 17 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
Frame ID: C908D3057615862967600A3B8A542612
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 18AF7457D75691461EAF8E1A40DB6CA4
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Frame ID: 64854C3D336072A2C3CF23BBDD973CCA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 90E981758C0894F984AC76DF6D030A8E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 2E86FA8AA7D87F07BE8156872E670C07
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Frame ID: 56FD3B1231AEAE61023BE00E0D4482CF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 754C78AF8434E479FFB03DF1FF0A6C66
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Frame ID: 73F48727CD951161B0604A2F7BBE87BB
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Frame ID: A50A0E95D8673A23786A4D874C7717D7
Requests: 4 HTTP requests in this frame

Frame: https://portal.correiodopovo.com.br/passback/rbanner.html
Frame ID: CE35525536C407A0CD92A163D190A6F0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Frame ID: E952AF268E268DE545FFDFAED777734D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CuC5m3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS8AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgMovvGL9oaooN9INnjVHYj2ERgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNjM3OTg1NDQyMDg1MTQ3Ng&sigh=QhKp6MsDvTk
Frame ID: 971258AB904B98A163EE80F08500BA55
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1h2srbbg19g2hdqa8zer6wdrn08s20hxt1edw6k1j80e1ddcrspt3051t0jsg7224yrsmwc30wt18n5xjd3w2fp7qcj1hwfbaprrtsx0kc4p8rdkck7x3a2n6aw5ssq1g7age7329f71qc22e018s48ndhjnrhg5sjxxzhc3gjysn6zhn9rcydfxgrk61swvek10n4zcvwmh3dqd4h8yc1ffy6xwvj4dtrb0x5xexechqymzw990karfg2dw1fwq4tvy5dz9f4zns991kjhh54nxx1rr2rvqzzathzafxw40556sk1znxy080zv2gbpq1vmt2xfkvm12v37qa4t3t4ywyf522pfmwj44w488shf77e9stqxrzw9sbtk42&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%26client%3Dca-pub-6379854420851476%26adurl%3D
Frame ID: D4FE63DA834AFD7721EFC2C7A1D4768D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A8F15101024290AD616877B5461B4FED
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C6eT13JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS7AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4N48ikn6uRO8HKi6hdyaVPIlmKABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshcYChYSFHB1Yi02Mzc5ODU0NDIwODUxNDc2&sigh=Uh5-fNdYNk0
Frame ID: 11BDCBCCB2EEC650410889707B79083A
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1gd1ctt1x6gsc1b24xgdbynt5n39qvyhjfjhfd0bse58g2gftgmdx496pwqmpd07z9eskzhrdh6xpekyz78b8j5xccjjpadrb13sha8vnh6643dsc50q674s9ej23x7nskkk97sfj45dm8c9e5t2f0vdhsfgc88r5csgf6b21ygnbpdna18dvhhsywpz94jgctvpdn0ywsyyng7xhbnk1z8ph3gwvzkjrr0cff1ejjqvqnk0kmwkfqagvb928vpf38jtyf3fjaqy3rc8se2mbkvjgn4maspqrtry2g8x2qsfj1m5y10n8wrfk2mvv9qn46jj7dwm7a1pjbta2jgd0bxzcs2f2xv88v444kkj7z9tmn6f8rhsv4bnmkx0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%26client%3Dca-pub-6379854420851476%26adurl%3D
Frame ID: ECCFCBAE3D0302B541D5B475AC397384
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 06E186DAF5E1FEC28B840C7EFFB72287
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C-Z9-3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS8AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfRljZVXR6UhOhPNvgfNd0uK-tgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNjM3OTg1NDQyMDg1MTQ3Ng&sigh=lPvCo6qeHZA
Frame ID: 40D4D60BFB142D8240A21A82C77C20D7
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1hze1mf0a8s9ajmd6p6td60b6ca58zh1hh2tp181dkn9eks06vxqhcepvrnygfq3j7z5ft9hf7ecfwaxpxhbmy04543gznvt98m5nbfgnm5yymhychdjtmmg7fkw9zx2b7522rfmwpzxvx38wzk3fasb6c3wsg1tc4h0bggaaq7makv6tth3wxvft021qb36g97apj2qy2e09w7shb76x7r2ek9jchf7hrpp8hknz4p79178gyrhgxwe99c3em6hrns17g5s1mqdk0xv8zf7vkhas7pvyhtftbwjv2k1ag2agee7b084f4qwb78rwcwnwdv363xt7a6armtgm5s2c2q3dfy7djc6sg44e0cdn3905khx1gd6m2zp0j8sa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%26client%3Dca-pub-6379854420851476%26adurl%3D
Frame ID: F3B6FBC6143A00AB465D9F7A6F27F913
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 05F2B47F039531654ACED09E621E5179
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5C1A553CA26AD5510D9B3706444B5D01
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A56636590A1A9AEA8F217D03856C065B
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3C5BF1B25B594ADD67A0D420F68446B1
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: B0F31F9672CD2C0C3A3DFA26D8AD310C
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: FD6BE825F25290151CCCC72ACCEC99F5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 60A42F2AB358C0240D793E1E4C508285
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E2751E72AF83E6C680B7DE8759F7F1F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 12A61FB4222CBA990122529336D1CF73
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9E57CAE78AB3CFA950D2CA2466136B52
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488053582622085&output=html&h=280&slotname=4395598142&adk=4288222842&adf=2579204368&pi=t.ma~as.4395598142&w=336&psa=0&format=336x280&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383581670&bpp=3&bdt=139&idt=86&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=3270190933151&frm=8&ife=1&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383582&ga_hid=615227418&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=2393117842&scr_x=-12245933&scr_y=-12245933&eid=44743203&oid=3&pvsid=955214950119609&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.72cmnecup2ig&fsb=1&dtd=103
Frame ID: C70298AB83DCE35B2F0381436DA99F94
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 399EF88CB4DED8B7B35A08D1A4800B2B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 5ED95B465CF4B506D543B21F8F9B1722
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 929B57255899355AB0C9A8C9B0727A2C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Frame ID: 461C5B72F27A6C5167C1A7FC445C5E88
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 3C04656E09BAA9AEB2C5E2FEC7BAE8DC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3D5DFFF698B10DE23065A88B93198AA
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6fb7a77a-55d4-4f0a-9ee6-f395629e574c&tbid=8b8b2922-d01c-4f92-9f1d-668f070eceb4-tuct7ad215e&query=taboola_hm%3D6fb7a77a-55d4-4f0a-9ee6-f395629e574c&isDirect=0
Frame ID: 8591371BE65A8F9C4A15FEE415F8CD7D
Requests: 20 HTTP requests in this frame

Frame: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0A36A0CEEEB5EC28ACF5F5A3720B781C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 993643C90E535E2E5D25741AA0FB53C9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F9E29A5129A825C3A2DC649E7A9E5721
Requests: 1 HTTP requests in this frame

Frame: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6CC7D97DFD0FC4F1BC9F196BB0EC8F69
Requests: 10 HTTP requests in this frame

Frame: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F27070F5A7F57D9AC404F23615418FB2
Requests: 8 HTTP requests in this frame

Frame: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 06097A422783EF1943DFDAA6250EED74
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html
Frame ID: 4D8DD51B3B737F51FE64A9F0E4881776
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 51D1FD83BF4DB2A1C522E13F267AF8A8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 721ABCC9E110CA3AAE29596768A2F8E7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: AC4007923EC7B64B51041A832C337BA0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 603C30B0A9075CF9C4F632192FF1538D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E3BC5EB8495EC2FAE216CAB513601889
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9C0C9F8C7574BD6F2BE465B3D22CC724
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 458307064450F9105A5706196A8422A2
Requests: 9 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: B3B4BF0F4E3CBA8BBC17A96AB89C7C47
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: 2DAF73557F884B7C01929660ECD58EDA
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: 878BA821B8AFF5602CD268C5564E4B12
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: 56C7A74B6FE8FE26AC86FA963A6CAB13
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: E078DBBE69F5A5E069E2A338E714C490
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: 223F4F5696ACD672A333DD8223B51011
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: C84667B2D91A22D2C1F493DC5E41FBBA
Requests: 1 HTTP requests in this frame

Frame: https://wfpscripts.webspectator.com/ws-ad.js
Frame ID: D87548F84D6FB709CA591B4FC19CE614
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.correiodopovo.com.br
Frame ID: F408B879BF4A165D177A1751D4704C99
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Frame ID: DDDE7F11E729E0DBC9EBCF71AFE2E25E
Requests: 19 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Frame ID: B36D3B3460425B2AB24982F8509A81EA
Requests: 19 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Frame ID: C2B4F209A10A1C4CC11A8308526C8B58
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 61A45DF5D36868BC9AF982AAA9268131
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F97F3DFF78CFF40121A3614691CB986
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://correiodopovo.com.br/ HTTP 302
    https://www.correiodopovo.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

706
Requests

100 %
HTTPS

44 %
IPv6

89
Domains

166
Subdomains

119
IPs

14
Countries

10681 kB
Transfer

26423 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://correiodopovo.com.br/ HTTP 302
    https://www.correiodopovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Request Chain 141
  • https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1622383579146&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1622383579146&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
Request Chain 255
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25812006.302184196;dc_trk_aid=494967631;dc_trk_cid=149984088;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=correiodopovo.com.br HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25812006.302184196;dc_pre=COn39ufJ8fACFcOkdwodpLkCkw;dc_trk_aid=494967631;dc_trk_cid=149984088;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=correiodopovo.com.br
Request Chain 291
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Request Chain 344
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382137&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580832&bpp=7&bdt=200&idt=250&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=2127520844&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8451&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066430%2C44743003&oid=3&pvsid=744637708219257&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wd7hjmt3mpq7&btvi=1&fsb=1&dtd=269 HTTP 302
  • https://portal.correiodopovo.com.br/passback/rbanner.html
Request Chain 379
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cver=1&google_push=AQvitUIK_GvQqbgpRWJssDV78mZFqFNe7GhuuJ3a6t_akgtG2YjaFxiKImsyNisHGY6UPSrKgJRV4ODZWIjKQak3PKlkg2rSIOWV HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cver=1&google_push=AQvitUIK_GvQqbgpRWJssDV78mZFqFNe7GhuuJ3a6t_akgtG2YjaFxiKImsyNisHGY6UPSrKgJRV4ODZWIjKQak3PKlkg2rSIOWV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NTFwNVdKa2IxTE5tNTc1&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cver=1&google_push=AQvitUIK_GvQqbgpRWJssDV78mZFqFNe7GhuuJ3a6t_akgtG2YjaFxiKImsyNisHGY6UPSrKgJRV4ODZWIjKQak3PKlkg2rSIOWV
Request Chain 380
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGEobz0aaP5xX6XMw9Xa_ho&google_cver=1&google_push=AQvitUJYr5-d496I93Z6ZQTz4IAsQWMYq39ZtolmF7dApDjrG_S24ByP4W_W0zqipa9SEp5Z4N5azSr4GRrh9QFHmISXU0PNDbNc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUJYr5-d496I93Z6ZQTz4IAsQWMYq39ZtolmF7dApDjrG_S24ByP4W_W0zqipa9SEp5Z4N5azSr4GRrh9QFHmISXU0PNDbNc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGEobz0aaP5xX6XMw9Xa_ho&google_cver=1&google_push=AQvitUJYr5-d496I93Z6ZQTz4IAsQWMYq39ZtolmF7dApDjrG_S24ByP4W_W0zqipa9SEp5Z4N5azSr4GRrh9QFHmISXU0PNDbNc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUJYr5-d496I93Z6ZQTz4IAsQWMYq39ZtolmF7dApDjrG_S24ByP4W_W0zqipa9SEp5Z4N5azSr4GRrh9QFHmISXU0PNDbNc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 381
  • https://um.simpli.fi/gp_match?google_gid=CAESEJBvOEYFIoKvKiCyy1aqCck&google_cver=1&google_push=AQvitULnkeBWH6QDXymRzMRhy6xRTNkC1RMvXZtMTjkefdh_l37JP2kQJGDwTS7sldLfjtPuZDmdKwrekeHQJy2LqeJ4YM0-FWKN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3106C283A4894E06A306DE5E547A9A4B&google_push=AQvitULnkeBWH6QDXymRzMRhy6xRTNkC1RMvXZtMTjkefdh_l37JP2kQJGDwTS7sldLfjtPuZDmdKwrekeHQJy2LqeJ4YM0-FWKN
Request Chain 382
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENqHlmdGnvdM-NM9n5q6luk&google_cver=1&google_push=AQvitUJLeBMAZN8gdn1PVWXnd-FDuvutykOi8x-yUN9U6QYdjMbt6aTQAiE5HETI_hhgbel0MQxGAehpCtlsvdoBDCXzwNe4CWU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJLeBMAZN8gdn1PVWXnd-FDuvutykOi8x-yUN9U6QYdjMbt6aTQAiE5HETI_hhgbel0MQxGAehpCtlsvdoBDCXzwNe4CWU&google_hm=4IbvOovRRDqqEiDRGjjORso
Request Chain 383
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEJo7gE1wuzEz2DfbEknJLhw&google_cver=1&google_push=AQvitUJ17_EEGcRmNlNWghj_rsDshS2CgUoetn8_g4weO7EGEYPglNZq-VTBgn8s1Z4yRcgAEQfFMV7S2aQ7RbqdqJcSMTRp2O9P HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEJo7gE1wuzEz2DfbEknJLhw&google_cver=1&google_push=AQvitUJ17_EEGcRmNlNWghj_rsDshS2CgUoetn8_g4weO7EGEYPglNZq-VTBgn8s1Z4yRcgAEQfFMV7S2aQ7RbqdqJcSMTRp2O9P&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=Ctx2lWGF2w4YPPpUNfx4mA&google_push=AQvitUJ17_EEGcRmNlNWghj_rsDshS2CgUoetn8_g4weO7EGEYPglNZq-VTBgn8s1Z4yRcgAEQfFMV7S2aQ7RbqdqJcSMTRp2O9P
Request Chain 384
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPmt_GTGPTyyZduAoULt0Lw&google_cver=1&google_push=AQvitUJW5_p94IIHE8y_VnUhaytIrpFgvtnGnZqKo6jxOkiKZDEH0PwerxsX4U_AhPDpokM7jRynYMvukvKfe3xSy4rlovCV4NU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCOUFOQVktMUItOTk2Rg==&google_push=AQvitUJW5_p94IIHE8y_VnUhaytIrpFgvtnGnZqKo6jxOkiKZDEH0PwerxsX4U_AhPDpokM7jRynYMvukvKfe3xSy4rlovCV4NU
Request Chain 385
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDENuVFPiPJXo5CgmQYyAfA&google_cver=1&google_push=AQvitUL3aR8wi53OkBtZbm4FLiZ9gaVvb6hsjFBaqpILD8hU1bCl4tTH5cBbel4f-ByveF8NH85Y0sEsLBPe0jDdjITweXPmny3j HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUL3aR8wi53OkBtZbm4FLiZ9gaVvb6hsjFBaqpILD8hU1bCl4tTH5cBbel4f-ByveF8NH85Y0sEsLBPe0jDdjITweXPmny3j&google_gid=CAESEDENuVFPiPJXo5CgmQYyAfA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUyODk4ODcxODgwNzkxMTk2&google_push=AQvitUL3aR8wi53OkBtZbm4FLiZ9gaVvb6hsjFBaqpILD8hU1bCl4tTH5cBbel4f-ByveF8NH85Y0sEsLBPe0jDdjITweXPmny3j
Request Chain 387
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFwEkybtqG3NI7zwqs8NtSA&google_cver=1&google_push=AQvitUIpldPJpR60kynA4UuxYn2ltuXrTUcrXt32-ya-ZgfPwPzUcSn5RNduzWVF3rB_R65LXZM56cQPRQ1blCI6rlFF1x4nf-0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAyNDk2MDc2MjIyMTUzMTQ1Nw== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEFwEkybtqG3NI7zwqs8NtSA&google_cver=1
Request Chain 391
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPmt_GTGPTyyZduAoULt0Lw&google_cver=1&google_push=AQvitULTnwcAx0fs-nKkouar9jOxHsTJpA4IgiWaxwwvfFp5ZmemRLdWnSE2Fuw9yhXpIJHAy1-DSdOx8tpnZWAbJKvdWtNFODY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCOUFOQkEtMS0yN0k0&google_push=AQvitULTnwcAx0fs-nKkouar9jOxHsTJpA4IgiWaxwwvfFp5ZmemRLdWnSE2Fuw9yhXpIJHAy1-DSdOx8tpnZWAbJKvdWtNFODY
Request Chain 392
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKsp9YapSZ94ax7abZzpUJU&google_cver=1&google_push=AQvitUIhLfQ0s0_MrKB8nbeks4N2dodLXLhrNuhitCL2m-zaI5UIw6VoiK3yVzIpL4TAo7a7Iq6RiUSsEOyW28X7dvSIuK4uxq4 HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKsp9YapSZ94ax7abZzpUJU&google_cver=1&google_push=AQvitUIhLfQ0s0_MrKB8nbeks4N2dodLXLhrNuhitCL2m-zaI5UIw6VoiK3yVzIpL4TAo7a7Iq6RiUSsEOyW28X7dvSIuK4uxq4&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIhLfQ0s0_MrKB8nbeks4N2dodLXLhrNuhitCL2m-zaI5UIw6VoiK3yVzIpL4TAo7a7Iq6RiUSsEOyW28X7dvSIuK4uxq4&google_hm=be458aa7fe493f137bf1b9a5
Request Chain 393
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECScZqsCwqfIhv7mR5xqsuc&google_cver=1&google_push=AQvitULDtK0-vp-h7zhx9lYIsNfipTVUL3SfGkOKmgn1GxqNxm1ExPU2c8h9htD9SjAbhTMZufevLJRweoWJmIuMWfksH8lrSykG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECScZqsCwqfIhv7mR5xqsuc&google_cver=1&google_push=AQvitULDtK0-vp-h7zhx9lYIsNfipTVUL3SfGkOKmgn1GxqNxm1ExPU2c8h9htD9SjAbhTMZufevLJRweoWJmIuMWfksH8lrSykG&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16Z0wyaVhsRTJ1R3llNVNibTFFOGJLT3U0VmZUY25yNX5B&google_push=AQvitULDtK0-vp-h7zhx9lYIsNfipTVUL3SfGkOKmgn1GxqNxm1ExPU2c8h9htD9SjAbhTMZufevLJRweoWJmIuMWfksH8lrSykG
Request Chain 411
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cver=1&google_push=AQvitUJQ2BYoj5kh4xtz5sTy6V4qwLpw81BGvTCu8Us97tZDI2upksr4wy9pl0UFaC5y-bsOqoU20MCs38ST7Zvnz2ZyRyYJaAVH HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cver=1&google_push=AQvitUJQ2BYoj5kh4xtz5sTy6V4qwLpw81BGvTCu8Us97tZDI2upksr4wy9pl0UFaC5y-bsOqoU20MCs38ST7Zvnz2ZyRyYJaAVH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NTFwNVdKa2IxTE5tNTc1&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cver=1&google_push=AQvitUJQ2BYoj5kh4xtz5sTy6V4qwLpw81BGvTCu8Us97tZDI2upksr4wy9pl0UFaC5y-bsOqoU20MCs38ST7Zvnz2ZyRyYJaAVH
Request Chain 412
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGEobz0aaP5xX6XMw9Xa_ho&google_cver=1&google_push=AQvitUI_MFZj-owsfQZeUC15ORRpYGhjCGcr9miPU1q7ujUkW7OluGnI2oStr1ep5dMLMWxiOe_SZAw299I2_NakJcQr1I4n-HM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUI_MFZj-owsfQZeUC15ORRpYGhjCGcr9miPU1q7ujUkW7OluGnI2oStr1ep5dMLMWxiOe_SZAw299I2_NakJcQr1I4n-HM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGEobz0aaP5xX6XMw9Xa_ho&google_cver=1&google_push=AQvitUI_MFZj-owsfQZeUC15ORRpYGhjCGcr9miPU1q7ujUkW7OluGnI2oStr1ep5dMLMWxiOe_SZAw299I2_NakJcQr1I4n-HM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUI_MFZj-owsfQZeUC15ORRpYGhjCGcr9miPU1q7ujUkW7OluGnI2oStr1ep5dMLMWxiOe_SZAw299I2_NakJcQr1I4n-HM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 413
  • https://um.simpli.fi/gp_match?google_gid=CAESEJBvOEYFIoKvKiCyy1aqCck&google_cver=1&google_push=AQvitUKKNP3C9XvMxVNqhN18EXbmeDgso_rtXxDXHLQCT6vZekPye_6uNOSSSqB45gU0o2OdgO9GnYbFLwEtQw7-vB-OQMc-Wps HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3106C283A4894E06A306DE5E547A9A4B&google_push=AQvitUKKNP3C9XvMxVNqhN18EXbmeDgso_rtXxDXHLQCT6vZekPye_6uNOSSSqB45gU0o2OdgO9GnYbFLwEtQw7-vB-OQMc-Wps
Request Chain 414
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDjzDiOXgHW9JJXVSNCiU7c&google_cver=1&google_push=AQvitUJnxmHXA3RJN4rICA0oBQzdvh6JoPWPNzNidH6KgJiWc18I2NBEDpx0U0G5mVSVLK4_uqlvqjg5lCLm4pTry1zo3r3CsFil HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJnxmHXA3RJN4rICA0oBQzdvh6JoPWPNzNidH6KgJiWc18I2NBEDpx0U0G5mVSVLK4_uqlvqjg5lCLm4pTry1zo3r3CsFil&google_hm=NDg3MTYzNTk1MzQyMTczNTE2Mw%3D%3D
Request Chain 415
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPmt_GTGPTyyZduAoULt0Lw&google_cver=1&google_push=AQvitUIuj7wSlLjmHJtN_fY6PZGX_XeiHGANhbbewE6uCVra9YVK82yAlZyBwrcWGbcLxtk8REPVOBtrTH2giQiQosCP0_TVoHcy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCOUFORFEtUS1HRUhW&google_push=AQvitUIuj7wSlLjmHJtN_fY6PZGX_XeiHGANhbbewE6uCVra9YVK82yAlZyBwrcWGbcLxtk8REPVOBtrTH2giQiQosCP0_TVoHcy
Request Chain 416
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGUHMFH4S0N_KiISN5VC3eE&google_cver=1&google_push=AQvitUInS8EKPeHBC0VS010lIKqNp5m7b_2FguA4MiQtUxzJBLUN1rBE6Wvb42ymkrbb2X-nZMeY-Y7-oJvXj1MWCJ1RPPq-yv4P HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUInS8EKPeHBC0VS010lIKqNp5m7b_2FguA4MiQtUxzJBLUN1rBE6Wvb42ymkrbb2X-nZMeY-Y7-oJvXj1MWCJ1RPPq-yv4P&google_hm=NDk5OTQ1MDQ2NjU1NzYzNjE0MA%3D%3D
Request Chain 446
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Request Chain 447
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc&_origin=0&gdpr=1&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESENNRmrvHvNiK7ifCNTVHekg&_origin=0&gdpr=1&gdpr_consent=&nsync=1&google_cver=1
Request Chain 463
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6fb7a77a-55d4-4f0a-9ee6-f395629e574c HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6fb7a77a-55d4-4f0a-9ee6-f395629e574c&tbid=8b8b2922-d01c-4f92-9f1d-668f070eceb4-tuct7ad215e&query=taboola_hm%3D6fb7a77a-55d4-4f0a-9ee6-f395629e574c&isDirect=0
Request Chain 464
  • https://u.openx.net/w/1.0/sd?id=543998486&val=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&gdpr=0&gdpr_consent=
Request Chain 466
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=62c25d4d-6ab1-5296-a303-8f7fc3b014a1
Request Chain 468
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=DBMwoTZ1rXD5&ev=1&orig=trc&pid=562107
Request Chain 469
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=9193771210727202567&orig=trc
Request Chain 470
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEFYMOBZiuCRp3AW9zfdiI9s&google_cver=1
Request Chain 472
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=8b8b2922-d01c-4f92-9f1d-668f070eceb4-tuct7ad215e
Request Chain 473
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ada1d640-8e19-452d-b3d5-eb8afa5093a0
Request Chain 478
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7065b4f9-4577-43b5-873a-e399e77ca1f9
Request Chain 479
  • https://id5-sync.com/s/464/9.gif?puid=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOJ-NxumCvhGdTshYL-41U9Uic7VyP5IGHDrGncA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOJ-NxumCvhGdTshYL-41U9Uic7VyP5IGHDrGncA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=b24f97d0-40d1-47c3-864f-924cee95ae34&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESENYRg1yuR8W7rTRXFBtqMZw&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENYRg1yuR8W7rTRXFBtqMZw&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESENYRg1yuR8W7rTRXFBtqMZw%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=9082936966882120102&opid=apx&ops=&utidl=tech:goo:CAESENYRg1yuR8W7rTRXFBtqMZw&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17773897474&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/4/4.gif?puid=d48598aabcc7a69ae8570ef7eb7ff19e&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/3/5.gif?puid=cae170d1-8205-4829-a8fd-0ef7bf6de4c0&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 480
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ZvfuOFmiC1CPLR1S35uzYA
Request Chain 482
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2de430ef-b1b9-4f5d-9a77-c0b534508b15&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4a1dbdbc-7e80-4d01-a13a-7ea5b2c858de
Request Chain 567
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENOKKL7-OCjICctkNdtz9xc&google_cver=1&google_push=AQvitUIkJDnJIZbRl1-DrnLJ4qiP82XudPreo2EXOn5036pW6Hn86o-NbRy7KU9-ds-imBYVQJ6n6vRciN_rXNlTEJ3YuUr5hPuY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYxNDYwOTk0NDM5NTIyMzM2MQ== HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=MzYxNDYwOTk0NDM5NTIyMzM2MQ==&google_tc= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECCJsO1CoL04zX3RnbiaH14&google_cver=1
Request Chain 568
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAITsZipECJF9ZVlMFoA9fg&google_cver=1&google_push=AQvitUJPsT9COPGcUtpAHk87j3jYgJlQM47D7fT3pk8sAvvuptyEMyD8hH3DUj1i-cF9o6gqnbnkoZPOVyVrnQCiCjmLPm5_1mA HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAITsZipECJF9ZVlMFoA9fg&google_cver=1&google_push=AQvitUJPsT9COPGcUtpAHk87j3jYgJlQM47D7fT3pk8sAvvuptyEMyD8hH3DUj1i-cF9o6gqnbnkoZPOVyVrnQCiCjmLPm5_1mA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=amNzRHFnZ3AxTE5tNTk1&google_gid=CAESEAITsZipECJF9ZVlMFoA9fg&google_cver=1&google_push=AQvitUJPsT9COPGcUtpAHk87j3jYgJlQM47D7fT3pk8sAvvuptyEMyD8hH3DUj1i-cF9o6gqnbnkoZPOVyVrnQCiCjmLPm5_1mA
Request Chain 569
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEMNKx7cK92MEq3V_XO6b2X8&google_cver=1&google_push=AQvitULm8QFNGuBNXjbZLnYELPF_F44HUm9cFMOqMtpMppiEWGaoQ-mJsLjhYzPOPDsA6gRZvNNfgomY2pM68SD4BPl8-Mi2-x5c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitULm8QFNGuBNXjbZLnYELPF_F44HUm9cFMOqMtpMppiEWGaoQ-mJsLjhYzPOPDsA6gRZvNNfgomY2pM68SD4BPl8-Mi2-x5c
Request Chain 570
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFTS-EVha2Pl_B061blEBgE&google_cver=1&google_push=AQvitUJ0QXMYBi0A3wvXqHdMHLgf6v-Usfc2iZ1xNh4RyurFgNRCBy5Nh-x4yHvycSdnv_2lXbwsDItH8UtxTRJaEXH2_I5EQ9xl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA4NDQzMDU1NTcwNzUzMw%3D%3D&google_push=AQvitUJ0QXMYBi0A3wvXqHdMHLgf6v-Usfc2iZ1xNh4RyurFgNRCBy5Nh-x4yHvycSdnv_2lXbwsDItH8UtxTRJaEXH2_I5EQ9xl
Request Chain 571
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAbLY7ws8WWSimN8Lwa0Oqk&google_cver=1&google_push=AQvitUKiYH8pXRy59UGrbS5q6awZ8pL0GyinZCYepEFJrloLIxDAwSPcDzOMH3OAhNLdvykT4WjyE5zqc_VuZox8BE2BQO8vEHMG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUKiYH8pXRy59UGrbS5q6awZ8pL0GyinZCYepEFJrloLIxDAwSPcDzOMH3OAhNLdvykT4WjyE5zqc_VuZox8BE2BQO8vEHMG
Request Chain 574
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 575
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENOKKL7-OCjICctkNdtz9xc&google_cver=1&google_push=AQvitUK1p341-k7yHgz84U4bYt0NKQfsoNW8wtqV4dU3ttgfJrbSjTersiRs6bhFDhYVBINWSwFH5ZEgUANC_xHq_RlbVo9bckuE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYxNDYwOTk0NDM5NTIyMzM2MQ== HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=MzYxNDYwOTk0NDM5NTIyMzM2MQ==&google_tc= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAevAfpp1pcFg0rW2BrBDm4&google_cver=1
Request Chain 579
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEE2QIIuDad58swfTRlgnoz0&google_cver=1&google_push=AQvitUJI9VjBCugy4BI33nOmiUvU6wbH4fRIVwieOi9ks9qByP3kGnhYxtEbSS7-J36748ULzNwsB421qHY7LdFhvYbhkBoNfvpQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUJI9VjBCugy4BI33nOmiUvU6wbH4fRIVwieOi9ks9qByP3kGnhYxtEbSS7-J36748ULzNwsB421qHY7LdFhvYbhkBoNfvpQ&google_hm=QXZ5MURGMTd0emxOQzUzaFEtcVVLX0E=
Request Chain 580
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMUICNxhCkQ-45bBA3BUxU4&google_cver=1&google_push=AQvitULEyb96JjIDQVUs4lfCN-_TvJ0rFi5tGwX-jScwIvrHmHlVljpEK_cqz73a4Nb4kIe3OhNdHyb_m4wJNV6dicKYM-vGB8FA HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMUICNxhCkQ-45bBA3BUxU4&google_cver=1&google_push=AQvitULEyb96JjIDQVUs4lfCN-_TvJ0rFi5tGwX-jScwIvrHmHlVljpEK_cqz73a4Nb4kIe3OhNdHyb_m4wJNV6dicKYM-vGB8FA&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULEyb96JjIDQVUs4lfCN-_TvJ0rFi5tGwX-jScwIvrHmHlVljpEK_cqz73a4Nb4kIe3OhNdHyb_m4wJNV6dicKYM-vGB8FA&google_hm=f468e32a2f45a81de2759aea
Request Chain 581
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPy-9LKnyl2jhgVJgGX2OfU&google_cver=1&google_push=AQvitUKZp-_P0pbtLR1HS9HnuhJJh2bkHMIeplVrt7AStGeKsxqzitCJt4r06ikYOWfmHOB_Ijhmlc6NQqe0_tLa0J4wRbRZ1eGbSw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPy-9LKnyl2jhgVJgGX2OfU&google_cver=1&google_push=AQvitUKZp-_P0pbtLR1HS9HnuhJJh2bkHMIeplVrt7AStGeKsxqzitCJt4r06ikYOWfmHOB_Ijhmlc6NQqe0_tLa0J4wRbRZ1eGbSw&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CZGEyUmFkRTJ1RVdxLmFESTcxejBVRnF3Q20xaEdQRH5B&google_push=AQvitUKZp-_P0pbtLR1HS9HnuhJJh2bkHMIeplVrt7AStGeKsxqzitCJt4r06ikYOWfmHOB_Ijhmlc6NQqe0_tLa0J4wRbRZ1eGbSw
Request Chain 584
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEETFcGlSvOhF2PCH6cGHM4I&google_cver=1&google_push=AQvitUJmXRiWsNSZOmq9d_RNNHCpTYLCac8kETaXfq86xoRJ0gmFcR8bSClSbhwUS2WJi1K3ypQxXVyF1yNwqq0To7OvCns3S-k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AQvitUJmXRiWsNSZOmq9d_RNNHCpTYLCac8kETaXfq86xoRJ0gmFcR8bSClSbhwUS2WJi1K3ypQxXVyF1yNwqq0To7OvCns3S-k
Request Chain 585
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENV9_eO6Wetz1YzCr4TX5_Q&google_cver=1&google_push=AQvitULzbBAlh9I8wJ0qb-zlRJg2TLPIOvauJjIYApMEaTOc32MavXTL2KMVfrcWGR945E_T80OsiLxwSm85CKmnI1mW16ds6Ng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitULzbBAlh9I8wJ0qb-zlRJg2TLPIOvauJjIYApMEaTOc32MavXTL2KMVfrcWGR945E_T80OsiLxwSm85CKmnI1mW16ds6Ng&google_hm=MjI4MDEwMjUwNjI4OTkyNTEy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitULzbBAlh9I8wJ0qb-zlRJg2TLPIOvauJjIYApMEaTOc32MavXTL2KMVfrcWGR945E_T80OsiLxwSm85CKmnI1mW16ds6Ng&google_hm=MjI4MDEwMjUwNjI4OTkyNTEy&google_tc=
Request Chain 586
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENDUWmXz3ya14Nt_t80hzdo&google_cver=1&google_push=AQvitUJIeqiVHfnCg845e5anLHU7Vt7NFg0qLr4C4eyDyeo18ZPaEFaN2BVWWqvysAtsm3kyLT5MJLuKRGT4gNWoqJoW1Iv4fBs HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENDUWmXz3ya14Nt_t80hzdo&google_cver=1&google_push=AQvitUJIeqiVHfnCg845e5anLHU7Vt7NFg0qLr4C4eyDyeo18ZPaEFaN2BVWWqvysAtsm3kyLT5MJLuKRGT4gNWoqJoW1Iv4fBs&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6x271gZISeK2Zl89g9BOtA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJIeqiVHfnCg845e5anLHU7Vt7NFg0qLr4C4eyDyeo18ZPaEFaN2BVWWqvysAtsm3kyLT5MJLuKRGT4gNWoqJoW1Iv4fBs
Request Chain 587
  • https://match.360yield.com/match/ebda?google_gid=CAESEGsugBTuETKyysite0-9Zjk&google_cver=1&google_push=AQvitUK90Tob9HPqDXKQeqQljrjV43FEz24sc9dg60Jy6MKZjusYK0i54DCs7SMVzlb9ha9iBo_EaJkuluz_FdDbhy4LsxuazQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=sk-X0EDRR8OGT5JM7pWuNA&google_push=AQvitUK90Tob9HPqDXKQeqQljrjV43FEz24sc9dg60Jy6MKZjusYK0i54DCs7SMVzlb9ha9iBo_EaJkuluz_FdDbhy4LsxuazQ
Request Chain 589
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEC4B79VMq2KoEg9wc0cCI3A&google_cver=1&google_push=AQvitUJT9S2rK3cED0BTjvEa2Ckefzpw1UMCXgAyCZR9vwdhsHCOdNKjTz2FVZEBaW9m87XVEoM8h4GAhzY7Uug-Q-hIoqngCPDJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjBlZDg2ZGYtMzM0MC00ZmFkLWE0NmUtZGVlNDk1Njg5NTNl&google_push=AQvitUJT9S2rK3cED0BTjvEa2Ckefzpw1UMCXgAyCZR9vwdhsHCOdNKjTz2FVZEBaW9m87XVEoM8h4GAhzY7Uug-Q-hIoqngCPDJ
Request Chain 591
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 592
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 593
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 701
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm=&google_ula=862479430&google_tc= HTTP 302
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESECo6u0ImKK_L0KP53bCNprQ&google_cver=1&google_ula=862479430,0

706 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.correiodopovo.com.br/
Redirect Chain
  • https://correiodopovo.com.br/
  • https://www.correiodopovo.com.br/
302 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
23065ac50fbf4fe67ecd0005b53442c0fd7f35c15f60c0504a7b806f3907ec4b

Request headers

:method
GET
:authority
www.correiodopovo.com.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-type
text/html;charset=utf-8
content-length
48501
vary
Accept-Encoding
server
nginx/1.12.2
cache-control
max-age=240
expires
Sun, 30 May 2021 14:10:18 GMT
x-cacheable
YES
x-cache-rule
YES with ttl: 60.000 /
content-encoding
gzip
age
30
x-cache
HIT
v
5
accept-ranges
bytes

Redirect headers

cache-control
private
content-type
text/html; charset=utf-8
location
https://www.correiodopovo.com.br
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-origin
*
date
Sun, 30 May 2021 14:06:16 GMT
content-length
149
css2
fonts.googleapis.com/ 		5 KB
710 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4bbc9cabb74840a85dbdb6dc7dd227f1a7745600b530cd305c1bdcd66165f267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 14:06:18 GMT
server
ESF
date
Sun, 30 May 2021 14:06:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 14:06:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
913fae55662b6256d4a561fc2e1e3f0b414a4fe0bd74c10b1d5aefdd06e90226
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"887 / 7 of 1000 / last-modified: 1622153345"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21420
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:18 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48356
x-xss-protection
0
server
cafe
etag
3890051329819667200
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:18 GMT
smart.js
ced.sascdn.com/tag/1320/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1320/smart.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-105.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
58bbcfe2bbcaf517a2d56e6e0a932582d638739d2f9fcd04d617bd8c389b9aec

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:06:18 GMT
Content-Encoding
gzip
Cache-Control
public, max-age=100
Content-Length
11679
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
smart.prebid.js
tagmanager.smartadserver.com/1320/71754/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-113.deploy.static.akamaitechnologies.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
64872f9d07c6c4a91d9e1febf7e3908b8637c88e31e409786a34a616ff8a7d27

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:06:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Nov 2020 11:26:21 GMT
Server
Apache/2.4.25 (Debian)
ETag
"3a25-5b437a5cc34e7-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3506
Expires
Sun, 30 May 2021 14:16:18 GMT
css
fonts.googleapis.com/ 		2 KB
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 13:24:31 GMT
server
ESF
date
Sun, 30 May 2021 14:06:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 14:06:18 GMT
css
fonts.googleapis.com/ 		13 KB
982 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300italic,400italic,700italic,400,700,300
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c34906f621bed08d975d42900c107ad05e7633d06ecb202739f5a9a99af910f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 13:54:36 GMT
server
ESF
date
Sun, 30 May 2021 14:06:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 14:06:18 GMT
bootstrap.min.css
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Request headers

:path
/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
last-modified
Fri, 01 Mar 2019 17:19:18 GMT
server
nginx/1.12.2
age
3
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18137
expires
Tue, 29 Jun 2021 14:06:18 GMT
belamais.css
www.correiodopovo.com.br/polopoly_fs/3.232526.1615315562!/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.232526.1615315562!/belamais.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
eca965f18f3bf501516fd5bdd7343363c6c8d002531d573a7461ad3281a27aa8

Request headers

:path
/polopoly_fs/3.232526.1615315562!/belamais.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.232526.1615315562!/belamais.css
last-modified
Tue, 09 Mar 2021 18:46:03 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/ 		146 B
365 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
74f8bb668af45bc33e9009c79f96d20f72b101b6aa2e54367ca1d57fee38376a

Request headers

:path
/polopoly_fs/3.194.1594145527!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.194.1594145527!/style.css
last-modified
Tue, 07 Jul 2020 18:12:08 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/ 		865 B
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
65b19a5808c1a1d2593655c2b3c39ea52db2d0daa2a7cb3fbad3c2f71bef370b

Request headers

:path
/polopoly_fs/3.302.1615315537!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.302.1615315537!/style.css
last-modified
Tue, 09 Mar 2021 18:45:37 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
comments.css
www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/ 		310 B
471 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/comments.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
be3ec5f1725890958c7ef75833b5fcaf41aa692812557006dec25f664b77ce33

Request headers

:path
/polopoly_fs/3.259.1551461019!/comments.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.259.1551461019!/comments.css
last-modified
Fri, 01 Mar 2019 17:23:40 GMT
server
nginx/1.12.2
age
3
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
197
expires
Tue, 29 Jun 2021 14:06:18 GMT
video-js.css
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video-js.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
a51d30b532fd6d11b67754b83e3af505df5fdc961fbbbe801afaa86e93841bab

Request headers

:path
/polopoly_fs/3.256.1551461012!/video-js.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video-js.css
last-modified
Fri, 01 Mar 2019 17:23:33 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
video.css
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 		561 B
611 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
9639244213f83b30ccdc150e7b592be27b96d2d5eb06ce4753ad449ee4845a2c

Request headers

:path
/polopoly_fs/3.256.1551461012!/video.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video.css
last-modified
Fri, 01 Mar 2019 17:23:33 GMT
server
nginx/1.12.2
age
3
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
339
expires
Tue, 29 Jun 2021 14:06:18 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.237.1615315513!/ 		2 KB
741 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.237.1615315513!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
c9996338cf56895fe00f9ce9bd9733fbc484e636442a6c6917ee959cad2bcf85

Request headers

:path
/polopoly_fs/3.237.1615315513!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.237.1615315513!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:45:13 GMT
server
nginx/1.12.2
age
24
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
463
expires
Tue, 29 Jun 2021 14:06:18 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.234.1615315510!/ 		39 B
336 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.234.1615315510!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
3c550cc6106b84782b282835ee72face4e1d2e527a895493d5aa0a47359fe63b

Request headers

:path
/polopoly_fs/3.234.1615315510!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.234.1615315510!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:45:11 GMT
server
nginx/1.12.2
age
25
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
59
expires
Tue, 29 Jun 2021 14:06:18 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/ 		38 B
314 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
492253d2d2da0bebbef019e63d904ddb0b096f5a037c781a7cfda22c2332f692

Request headers

:path
/polopoly_fs/3.231.1615315500!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:45:06 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
tags.carousel.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/tags.carousel.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
0cfd7a9f5b0e61c7667f3a157f90e0f4d7b8b0f8f4bee90d224899140030cda0

Request headers

:path
/polopoly_fs/3.231.1615315500!/css/tags.carousel.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/tags.carousel.css
last-modified
Tue, 09 Mar 2021 18:45:01 GMT
server
nginx/1.12.2
age
39
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1388
expires
Tue, 29 Jun 2021 14:06:18 GMT
tags.theme.default.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 		1 KB
849 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/tags.theme.default.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
aaad17d860310d83cdb8c7cfc336143de3f08ea3c34ced5d880bd6c666247ebc

Request headers

:path
/polopoly_fs/3.231.1615315500!/css/tags.theme.default.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/tags.theme.default.css
last-modified
Tue, 09 Mar 2021 18:45:01 GMT
server
nginx/1.12.2
age
39
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
564
expires
Tue, 29 Jun 2021 14:06:18 GMT
owl.carousel.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/owl.carousel.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
8dd2b33486d15e920d6c71a134be819cb5559c83d45e0016e52f7c9f8dc718e1

Request headers

:path
/polopoly_fs/3.231.1615315500!/css/owl.carousel.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/owl.carousel.css
last-modified
Tue, 09 Mar 2021 18:45:01 GMT
server
nginx/1.12.2
age
39
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1096
expires
Tue, 29 Jun 2021 14:06:18 GMT
owl.theme.default.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/owl.theme.default.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
4e369635987f4ee1f4bad20a4c30a6eeb4fc2afe3f185fa9f6a8ecb2c5131457

Request headers

:path
/polopoly_fs/3.231.1615315500!/css/owl.theme.default.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/owl.theme.default.css
last-modified
Tue, 09 Mar 2021 18:45:01 GMT
server
nginx/1.12.2
age
39
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
902
expires
Tue, 29 Jun 2021 14:06:18 GMT
social-auth.css
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 		46 B
322 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/social-auth.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
2f18363fdebecf3ebd553e917a0048fd4644f33250cb98a12be9cf4597ea3919

Request headers

:path
/polopoly_fs/3.212.1615315469!/social-auth.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.212.1615315469!/social-auth.css
last-modified
Tue, 09 Mar 2021 18:44:30 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
bootstrap-social.css
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/bootstrap-social.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
544fed9092e26545359b1586b76bcca554329ecfc5f204beaf06bfa4fa6fd2fa

Request headers

:path
/polopoly_fs/3.212.1615315469!/bootstrap-social.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.212.1615315469!/bootstrap-social.css
last-modified
Tue, 09 Mar 2021 18:44:29 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
fotorama.css
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/fotorama.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68

Request headers

:path
/polopoly_fs/3.203.1615315462!/css/fotorama.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.203.1615315462!/css/fotorama.css
last-modified
Tue, 09 Mar 2021 18:44:22 GMT
server
nginx/1.12.2
age
2
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2844
expires
Tue, 29 Jun 2021 14:06:18 GMT
fotorama-custom.css
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/ 		738 B
583 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/fotorama-custom.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
a3226ebe4e39bc1ddcc45093d268ce2fb898cd9d27ed7e75100a97602229169a

Request headers

:path
/polopoly_fs/3.203.1615315462!/css/fotorama-custom.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.203.1615315462!/css/fotorama-custom.css
last-modified
Tue, 09 Mar 2021 18:44:22 GMT
server
nginx/1.12.2
age
2
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
302
expires
Tue, 29 Jun 2021 14:06:18 GMT
SearchElement.css
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 		1 KB
746 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/SearchElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
2f42b3a57c656fe308f398180a400f6b7f687e8396b9e1adabd83e67e7143968

Request headers

:path
/polopoly_fs/3.200.1615315459!/SearchElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.200.1615315459!/SearchElement.css
last-modified
Tue, 09 Mar 2021 18:44:19 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/ 		909 B
626 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
3923e7c182008b2e667b295342b146adace165e25a8993e73e8688288968ac1f

Request headers

:path
/polopoly_fs/3.197.1615315455!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.197.1615315455!/style.css
last-modified
Tue, 09 Mar 2021 18:44:15 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.184.1615315445!/ 		110 B
384 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.184.1615315445!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
62e8401c97fb76307bac29e33631c8775c9b9e15d7506ca0bda87fff66452420

Request headers

:path
/polopoly_fs/3.184.1615315445!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.184.1615315445!/style.css
last-modified
Tue, 09 Mar 2021 18:44:06 GMT
server
nginx/1.12.2
age
18
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
111
expires
Tue, 29 Jun 2021 14:06:18 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.178.1615315437!/ 		857 B
551 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.178.1615315437!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
c65dc23c9b6d7bdf0633746c5c48ab5fab0074c5087cfb6f2a814a426fd62273

Request headers

:path
/polopoly_fs/3.178.1615315437!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.178.1615315437!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:43:57 GMT
server
nginx/1.12.2
age
32
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
273
expires
Tue, 29 Jun 2021 14:06:18 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.175.1615315435!/ 		456 B
492 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.175.1615315435!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
fb66d50466654410ed1aba9e24bb40f3e64594968136cfc472c1afd1eb180dba

Request headers

:path
/polopoly_fs/3.175.1615315435!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.175.1615315435!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:43:55 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
font-awesome.min.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
last-modified
Tue, 09 Mar 2021 18:43:42 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
fontscorreio.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/ 		398 B
401 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
57214cdcf15665a435ed82c94b38f24c078b11949eb3a706ad8ae67a3318be5a

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
last-modified
Tue, 09 Mar 2021 18:43:43 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
fontsbelamais.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontsbelamais/css/ 		244 B
431 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontsbelamais/css/fontsbelamais.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
38c8cf532fa433d258c72dc8b5df1c1497720980a953c1072ec8538006fe79df

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontsbelamais/css/fontsbelamais.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontsbelamais/css/fontsbelamais.css
last-modified
Tue, 09 Mar 2021 18:43:44 GMT
server
nginx/1.12.2
age
42
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
140
expires
Tue, 29 Jun 2021 14:06:18 GMT
stylenovo.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/ 		46 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/stylenovo.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
8de1758d33f2f42d6812a8c146fd5c785b12e4d071ecab06b9b05848072bb850

Request headers

:path
/polopoly_fs/3.163.1615315420!/stylenovo.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/stylenovo.css
last-modified
Tue, 09 Mar 2021 18:43:45 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
style.css
www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/ 		140 B
375 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/style.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
e0a652a1bd36b70149fa3c6fdb4bd8641593273e261f2c43ae5e5309fa98bd56

Request headers

:path
/polopoly_fs/3.153.1615315412!/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.153.1615315412!/style.css
last-modified
Tue, 09 Mar 2021 18:43:32 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/css
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.150.1615315409!/ 		470 B
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.150.1615315409!/MainElement.css
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
923c7bc114115535d3859aa2a1ab45e35c6a674d7b221d6cb3b3520f6550d053

Request headers

:path
/polopoly_fs/3.150.1615315409!/MainElement.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.150.1615315409!/MainElement.css
last-modified
Tue, 09 Mar 2021 18:43:29 GMT
server
nginx/1.12.2
age
54
x-cache
HIT
content-type
text/css
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
261
expires
Tue, 29 Jun 2021 14:06:18 GMT
autotrack.min.js
www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/autotrack.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
deaa8c25f96a0b2b3f348a5f55da84b402621e4a4be31baeb56ba3de133c99d6

Request headers

:path
/polopoly_fs/3.137.1615315402!/autotrack.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.137.1615315402!/autotrack.min.js
last-modified
Tue, 09 Mar 2021 18:43:24 GMT
server
nginx/1.12.2
age
62
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7269
expires
Tue, 29 Jun 2021 14:06:18 GMT
jquery.cookie.min.js
www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/jquery.cookie.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f

Request headers

:path
/polopoly_fs/3.137.1615315402!/jquery.cookie.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.137.1615315402!/jquery.cookie.min.js
last-modified
Tue, 09 Mar 2021 18:43:24 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
jquery-1.11.0.min.js
www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

:path
/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
last-modified
Fri, 01 Mar 2019 17:19:16 GMT
server
nginx/1.12.2
age
39
vary
User-Agent
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
33417
expires
Tue, 29 Jun 2021 14:06:18 GMT
58b07fec4121.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 17:57:54 GMT
content-encoding
br
etag
"58b07fec4121"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
content-length
4824
priority
u=3,i

Redirect headers

date
Sun, 30 May 2021 14:06:18 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
vll
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control
max-age=21600
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
patrocinio-topo-7.22393
www.correiodopovo.com.br/cmlink/ 		581 B
602 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/patrocinio-topo-7.22393
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
f9b29e7257cfb5e783e10b78557c63f08b5fe7766a6dcb327d759d4fc91904ab

Request headers

:path
/cmlink/patrocinio-topo-7.22393
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/patrocinio-topo-7.22393
last-modified
Sat, 03 Apr 2021 13:36:32 GMT
server
nginx/1.12.2
age
50
x-cacheable
YES
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
accept-ranges
bytes
content-length
303
expires
Sun, 30 May 2021 14:10:18 GMT
eleicao3-o-7.22099
www.correiodopovo.com.br/cmlink/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/eleicao3-o-7.22099
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
96051d7b87fad520c1a70ad7180314578b397f49ed6c7fa13bb855a62a828c8a

Request headers

:path
/cmlink/eleicao3-o-7.22099
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/eleicao3-o-7.22099
last-modified
Fri, 13 Nov 2020 12:20:54 GMT
server
nginx/1.12.2
age
39
x-cacheable
YES
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
accept-ranges
bytes
content-length
1660
expires
Sun, 30 May 2021 14:10:18 GMT
grid-n-7.21805
www.correiodopovo.com.br/cmlink/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/grid-n-7.21805
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
df0e9d18862f0197fc60b1e7fc79d8eb9d7af159d83566444beafd27a494d8e6

Request headers

:path
/cmlink/grid-n-7.21805
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/grid-n-7.21805
last-modified
Tue, 08 Dec 2020 11:08:53 GMT
server
nginx/1.12.2
age
39
x-cacheable
YES
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
accept-ranges
bytes
content-length
8095
expires
Sun, 30 May 2021 14:10:18 GMT
cssbellamais-7.21806
www.correiodopovo.com.br/cmlink/ 		748 B
582 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/cssbellamais-7.21806
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
441e54b1dba4df6b3fc07406d82f1e6069bb799c4c42f7296bf1830717c1aae7

Request headers

:path
/cmlink/cssbellamais-7.21806
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/cssbellamais-7.21806
last-modified
Wed, 30 Sep 2020 20:24:59 GMT
server
nginx/1.12.2
age
30
x-cacheable
YES
vary
Accept-Encoding
x-cache
HIT
content-type
text/css;charset=utf-8
v
5
cache-control
max-age=240
accept-ranges
bytes
content-length
285
expires
Sun, 30 May 2021 14:10:18 GMT
com.atex.gong.paywall.membership.js
www.correiodopovo.com.br/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/js/com.atex.gong.paywall.membership.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8

Request headers

:path
/js/com.atex.gong.paywall.membership.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 86400.000 /js/com.atex.gong.paywall.membership.js
last-modified
Thu, 04 Oct 2018 03:33:34 GMT
server
nginx/1.12.2
age
2
x-cache
HIT
content-type
application/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2011
expires
Tue, 29 Jun 2021 14:06:18 GMT
ws-GTAYHGT2.js
wfpscripts.webspectator.com/bootstrap/ 		1 KB
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fbd1edd661c3eeeae3650b9b6511e253dfe96ea8b4d016407025d439d40def1a

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
last-modified
Tue, 03 Dec 2019 16:04:01 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"b0dccc480294ce8e2bfa6b534879b285"
x-cache-status
HIT
content-type
application/x-javascript
cache-control
max-age=31536000
denakop.js
v3.denakop.com/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.denakop.com/denakop.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12831f9e496736b05c74491ab84a9a20e7a88af99196f838a81455a8dc9e960
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1059
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f31e690000032501e173000000001
last-modified
Thu, 27 May 2021 03:02:30 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60af0bc6-ce61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
657885b749733250-FRA
cf-bgj
minify
barra.js
barra.r7.com/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barra.r7.com/barra.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5ba8490cc60fe0c0371c0acd84716072305214b84aa2959bd231c6cbc30c004d

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 17:02:28 GMT
server
AkamaiNetStorage
etag
"703e196e3c0da18c7b8365fb7bd025d7:1618419748.848626"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=68877
accept-ranges
bytes
content-length
8872
Correio_do_Povo_branco.png
portal.correiodopovo.com.br/imagens/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/Correio_do_Povo_branco.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2709dcd48925c938d98757dd3cbc7708d9f49eb46212174d7954a68ff66390e2

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:17 GMT
last-modified
Mon, 15 Jul 2019 19:56:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e0743667473bd51:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
3706
Correio_do_Povo.png
portal.correiodopovo.com.br/imagens/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/Correio_do_Povo.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f4a852bdf0dfa921e7144308a4c48b1aed1695389eb76bdd71d4a48799441052

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:17 GMT
last-modified
Mon, 15 Jul 2019 19:56:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e99a3667473bd51:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
15396
linkedin.png
portal.correiodopovo.com.br/imagens/social/ 		347 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/linkedin.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29fc8c47a94d2164aa2cbedd171d0975dc9d2ba60921e36eb580467f0a68af13

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:17 GMT
last-modified
Fri, 28 Aug 2020 14:48:23 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"282b6474a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
347
instagram.png
portal.correiodopovo.com.br/imagens/social/ 		676 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/instagram.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fe55f6306326e8e0ae4495684d8d742eeb3565d40bc0c9d95e0c6f557a65e64c

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:17 GMT
last-modified
Fri, 28 Aug 2020 14:48:33 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"a8a1ae4d4a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
676
facebook.png
portal.correiodopovo.com.br/imagens/social/ 		295 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/facebook.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3e4cf41484e16a8e99ea65620ecac036df5d23dc0b60adfa7ced3f7793f26f72

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:17 GMT
last-modified
Fri, 28 Aug 2020 14:48:57 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"dfbde25b4a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
295
youtube.png
portal.correiodopovo.com.br/imagens/social/ 		382 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/youtube.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8cba0effb5b2fe3741e8a4c0e81f3eec76b8d864e39d05b3c3182dcb427ce308

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:17 GMT
last-modified
Fri, 28 Aug 2020 14:49:17 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e2d595674a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
382
twitter.png
portal.correiodopovo.com.br/imagens/social/ 		484 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/social/twitter.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
401c305a433d8f0ec7bcad2bf9acd9637e04aa91fe02d5c6ee4ffefafc8fd206

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
last-modified
Fri, 28 Aug 2020 14:49:09 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"e73b13634a7dd61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
484
gtm.js
www.googletagmanager.com/ 		88 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9847d43764d602ee2142f8cef1865c18f839e8f8048056c65fe5fff7bb686ee3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34802
x-xss-protection
0
last-modified
Sun, 30 May 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 May 2021 14:06:18 GMT
all.min.js
plugins.soclminer.com.br/v3/sdk/ 		129 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugins.soclminer.com.br/v3/sdk/all.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:450e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1c7f8e22a158eaf4528dc6837ddf54344b27aac55c98ba4d843b7a6cba6970

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
17795
x-amz-request-id
60TRXWSBGQM310BK
x-amz-id-2
EJZu3UUbXA7h7NED8H8yX15+RQLh8+0s8gxHdK6dt2F9RQpXrY6YW3HFk9PXuNc37A2d/4Tj1+E=
last-modified
Tue, 27 Apr 2021 23:29:34 GMT
server
cloudflare
etag
W/"5add67ef8194e067ee0fd36a665defc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6%2FG4DM1vsjVgYBtiHDaJJ0tp%2Bd63gA47Ssb7k2LBmqR2BYopwFHKulUfC9VCBtXwYpwKiyWbfPLJhr9e0C3Ki7lFqOZFf86JN7zacjGr1HKXBd%2FWSCzdKrzrHv6SCkdtJNRrYYFB7h1nDGcJjFeBwcI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-request-id
0a5f31e6c200000625d3253000000001
cf-ray
657885b79ffc0625-FRA
universal.min.js
tag.navdmp.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7eb3effef6340a2d1b6320cb06e0fda1554de14bcf1e2c061df468f6f05f174

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
cf-cache-status
HIT
age
723
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id
0a5f31e6c100004e5c67964000000001
last-modified
Thu, 27 May 2021 18:45:41 GMT
server
cloudflare
etag
W/"60afe8d5-1f7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
657885b79a334e5c-FRA
expires
Sun, 30 May 2021 14:54:15 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24156
x-fb-rlafr
0
pragma
public
x-fb-debug
R/B44E/yK8E0y2UMFJ5ei7Za4JcW86/nusC8BokbFKmXn8XeXQrnD3D1g7dHCWztdXDf1ETxAuqWE8XsrT+QUA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Sun, 30 May 2021 14:06:18 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
x-xss-protection
0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
hiltor.png
www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.6&w=120&$p$f$q$w=3ce26f5
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
9c9ac6a6240e80e9c27305fbf104935e6276c8cad2ef9081377735cfea02ae47

Request headers

:path
/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.6&w=120&$p$f$q$w=3ce26f5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
24267
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4874
expires
Tue, 29 Jun 2021 14:06:18 GMT
pitlane.png
www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.6&w=120&$p$f$q$w=e0931c8
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
6c3baac1987f8ea44ed14204bedd2a588a8480e33a1162df639433fa32c3ec43

Request headers

:path
/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.6&w=120&$p$f$q$w=e0931c8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
20789
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4136
expires
Tue, 29 Jun 2021 14:06:18 GMT
bella_preto.png
portal.correiodopovo.com.br/imagens/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/bella_preto.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
406fc2ecaa46e7c318d304cadec8b18681d750884c0e1ea0e42f9fcd4f37932a

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
last-modified
Mon, 28 Sep 2020 22:24:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0c02610e695d61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
40820
platform.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1533a0437bab2af5169ff33ed8f37ebb2791793bb3e7001bbd6452a8db798216
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BaNCerjLw45VsEAnOGbAzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"a68431d28598ca094cc7a5b791b0415c"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-BaNCerjLw45VsEAnOGbAzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:18 GMT
image.jpg
www.correiodopovo.com.br/image/policy:1.628357:1622381336/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.628357:1622381336/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
e5b2a4cf0d56caf2af3be5124f9c5985ae3b4ab1f0af7e60ec674e927d25a456

Request headers

:path
/image/policy:1.628357:1622381336/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
15262
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
20536
expires
Tue, 29 Jun 2021 14:06:18 GMT
image.jpg
www.correiodopovo.com.br/image/policy:1.627754:1622236018/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.627754:1622236018/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
f0042d9582d7e35a76a80cea3f94a97c2f35e87b4526b1adc994daf7c708094d

Request headers

:path
/image/policy:1.627754:1622236018/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
13218
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
17628
expires
Tue, 29 Jun 2021 14:06:18 GMT
image.jpg
www.correiodopovo.com.br/image/policy:1.628354:1622379735/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.628354:1622379735/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
c9a201eaae3eb82354828a587748363df6047f6d71be7ac22fc7194f9c421662

Request headers

:path
/image/policy:1.628354:1622379735/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
14756
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
20280
expires
Tue, 29 Jun 2021 14:06:18 GMT
image.jpg
www.correiodopovo.com.br/image/policy:1.628347:1622377962/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.628347:1622377962/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
9ba17dbb71ef465749fe2f25f7355c748b02004c2edc4aff67b4bee42a7acfd3

Request headers

:path
/image/policy:1.628347:1622377962/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
6147
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
5790
expires
Tue, 29 Jun 2021 14:06:18 GMT
Correiodopovo_horizontal.png
portal.correiodopovo.com.br/imagens/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.correiodopovo.com.br/imagens/Correiodopovo_horizontal.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
607a6a5706bbca51e1eb64a7d83783362e92d1ffcd2e91116e778d2d7fe6424b

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
last-modified
Mon, 21 Sep 2020 16:18:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0b593d53290d61:0"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
35024
bootstrap.min.js
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/js/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

:path
/polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
last-modified
Fri, 01 Mar 2019 17:19:18 GMT
server
nginx/1.12.2
age
1
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8536
expires
Tue, 29 Jun 2021 14:06:18 GMT
Imager.min.js
www.correiodopovo.com.br/polopoly_fs/3.159.1615315419!/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.159.1615315419!/Imager.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
cb8645e0bd04e1ff25faa1c0e956ad2f12f35d752d55ba2ae97cee37d37e2836

Request headers

:path
/polopoly_fs/3.159.1615315419!/Imager.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.159.1615315419!/Imager.min.js
last-modified
Tue, 09 Mar 2021 18:43:39 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
jquery.cookie.min.js
www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/jquery.cookie.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f

Request headers

:path
/polopoly_fs/3.191.1615315451!/jquery.cookie.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.191.1615315451!/jquery.cookie.min.js
last-modified
Tue, 09 Mar 2021 18:44:12 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
users.min.js
www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/ 		810 B
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/users.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
2b87ad2e3dbfb1efc89a89bc0da9f724824d1612ae8db8bf7e47dd337fdc7151

Request headers

:path
/polopoly_fs/3.191.1615315451!/users.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.191.1615315451!/users.min.js
last-modified
Tue, 09 Mar 2021 18:44:12 GMT
server
nginx/1.12.2
age
40
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
404
expires
Tue, 29 Jun 2021 14:06:18 GMT
persona.min.js
www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/ 		441 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/persona.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
4f90beb9c5ce266d97c88013d263ba85320e90d5fc6f3ab016d42aafd330d70e

Request headers

:path
/polopoly_fs/3.194.1594145527!/persona.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.194.1594145527!/persona.min.js
last-modified
Tue, 07 Jul 2020 18:12:08 GMT
server
nginx/1.12.2
age
1
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
280
expires
Tue, 29 Jun 2021 14:06:18 GMT
poll.min.js
www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/ 		1 KB
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/poll.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
d97edfe6552e3143d0007b5e8103f3b39a3dd32898a97c20cb7337978feaf83f

Request headers

:path
/polopoly_fs/3.302.1615315537!/poll.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.302.1615315537!/poll.min.js
last-modified
Tue, 09 Mar 2021 18:45:37 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
autosize.min.js
www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/autosize.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
78ac6beb4da15e1e9f06a07eeb39f8f7ea755cd4c3e5958fddb4aa14fc72e123

Request headers

:path
/polopoly_fs/3.259.1551461019!/autosize.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.259.1551461019!/autosize.min.js
last-modified
Fri, 01 Mar 2019 17:23:39 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
video.js
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
db4243fcb42af79e27f42ebeb09f99e3ef5b4e0ea12f99cbd10d29e28e6966fd

Request headers

:path
/polopoly_fs/3.256.1551461012!/video.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video.js
last-modified
Fri, 01 Mar 2019 17:23:32 GMT
server
nginx/1.12.2
age
1
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
20089
expires
Tue, 29 Jun 2021 14:06:18 GMT
tags.carousel.js
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/tags.carousel.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
5f86eaa44bebd90324fd49d796ef010ec39f6af364018066d4e2ace0bab956fe

Request headers

:path
/polopoly_fs/3.231.1615315500!/js/tags.carousel.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/js/tags.carousel.js
last-modified
Tue, 09 Mar 2021 18:45:02 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
tags.navigation.js
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/tags.navigation.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
6bb3c7d3cd8b6ae6301a23cafa2167ed0fe548f5dc0826af8643c16844333c2e

Request headers

:path
/polopoly_fs/3.231.1615315500!/js/tags.navigation.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/js/tags.navigation.js
last-modified
Tue, 09 Mar 2021 18:45:02 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
owl.carousel.js
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/owl.carousel.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
c8be74ac4dc355f0a46acec8e7ab86091eca59c2eaac5d21a0b403bd6241291e

Request headers

:path
/polopoly_fs/3.231.1615315500!/js/owl.carousel.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/js/owl.carousel.js
last-modified
Tue, 09 Mar 2021 18:45:02 GMT
server
nginx/1.12.2
age
40
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7137
expires
Tue, 29 Jun 2021 14:06:18 GMT
social-auth.min.js
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 		490 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/social-auth.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
1b084d429d350edc68e28a4b0f291b97bfcc1a8ae416b5c16cf8b0d11e1e59fd

Request headers

:path
/polopoly_fs/3.212.1615315469!/social-auth.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.212.1615315469!/social-auth.min.js
last-modified
Tue, 09 Mar 2021 18:44:30 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
fotorama.js
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/js/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/js/fotorama.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817

Request headers

:path
/polopoly_fs/3.203.1615315462!/js/fotorama.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.203.1615315462!/js/fotorama.js
last-modified
Tue, 09 Mar 2021 18:44:22 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
namespace.min.js
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 		220 B
440 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/namespace.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
e9a50c3fbd67964dcbfc166909d19e96f25f32c40ad50d656899f2aa381973b0

Request headers

:path
/polopoly_fs/3.200.1615315459!/namespace.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.200.1615315459!/namespace.min.js
last-modified
Tue, 09 Mar 2021 18:44:20 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
SearchElement.min.js
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 		549 B
582 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/SearchElement.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
be735dbbce112db814813ebefa31710c76e242cce684d3daf6a9598bcac039f7

Request headers

:path
/polopoly_fs/3.200.1615315459!/SearchElement.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.200.1615315459!/SearchElement.min.js
last-modified
Tue, 09 Mar 2021 18:44:20 GMT
server
nginx/1.12.2
age
3
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
297
expires
Tue, 29 Jun 2021 14:06:18 GMT
personalization.min.js
www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/ 		887 B
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/personalization.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
a752ad4a6219ea21dec555f682ff9e49ed22c8c4c4e2d992312b13c8cebcec31

Request headers

:path
/polopoly_fs/3.197.1615315455!/personalization.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.197.1615315455!/personalization.min.js
last-modified
Tue, 09 Mar 2021 18:44:15 GMT
server
nginx/1.12.2
age
11
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
526
expires
Tue, 29 Jun 2021 14:06:18 GMT
infiniteScroll.js
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/infiniteScroll.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
59758d6213ae16ffc0498f7ec1747b84047dd0cc9ff2c1da7aeb66b47f9bda5c

Request headers

:path
/polopoly_fs/3.163.1615315420!/js/infiniteScroll.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/js/infiniteScroll.js
last-modified
Tue, 09 Mar 2021 18:43:42 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
funcoes.js
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/funcoes.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
c740d8dd4494a96507134e544fb09e2d7e7812ded83f4978c7e5878188414647

Request headers

:path
/polopoly_fs/3.163.1615315420!/js/funcoes.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/js/funcoes.js
last-modified
Tue, 09 Mar 2021 18:43:42 GMT
server
nginx/1.12.2
age
43
x-cache
HIT
content-type
text/javascript
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2358
expires
Tue, 29 Jun 2021 14:06:18 GMT
plugin.min.js
www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/ 		192 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/plugin.min.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
98344eec8842ef328890a29cd19a5d3b308eb9db3906b47e8146e5231d4a2eb0

Request headers

:path
/polopoly_fs/3.153.1615315412!/plugin.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.153.1615315412!/plugin.min.js
last-modified
Tue, 09 Mar 2021 18:43:32 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
text/javascript
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
footer-portal.js
barra.r7.com/footer/footer-portal/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barra.r7.com/footer/footer-portal/footer-portal.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
65929976a7474811485e91671303abba0e9073934a7712e9426cfc0996bb21f2

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 17:02:48 GMT
server
AkamaiNetStorage
etag
"03c8813a4f64a6f90678d2a446a049d9:1618419768.260441"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=551302
accept-ranges
bytes
content-length
3659
pubads_impl_2021052401.js
securepubads.g.doubleclick.net/gpt/ 		309 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 08:37:29 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110966
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:18 GMT
init
webservices.webspectator.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/init?appId=GTAYHGT2&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1622383578732
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
WildFly/10 / Undertow/1
Resource Hash
8820f41878c49d1387ad4d4e4ee09ab48ca9abc391b5079215179571b276698e

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:19 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-116.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:36:45 GMT
via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1774
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
ZEAEdtcRiNcZrC4LdTdE-HKV9cLAlYDqHepjhimp-_DHapI1ZdzcuQ==
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
etag
"WhyxmPkT7L77qVDcrjxwGw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sun, 06 Jun 2021 14:06:18 GMT
loader.js
cdn.taboola.com/libtrc/correiodopovo/ 		385 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d94aa4db4075a7603c7b43751041c425d48d0d0ece8b3c71f2994a5a8506bdb6

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
q88jYDhcuCQHIIIEVhEo0OpdIjgIKHdP
content-encoding
gzip
etag
"ac057870fa68f6b5fb99a90cbc033d21"
age
7365
x-cache
HIT
content-length
32486
x-amz-id-2
LqohaRpjeY7zN2GbQVsIDyZSo2+6MnqmceN1vp9CgdSMy8jtGBzftK7rJi/spryx1cu12MZX1PA=
x-served-by
cache-hhn11578-HHN
last-modified
Sun, 30 May 2021 11:50:10 GMT
server
AmazonS3
x-timer
S1622383579.990526,VS0,VE1
date
Sun, 30 May 2021 14:06:18 GMT
vary
Accept-Encoding
x-amz-request-id
N154XE0PASQN6HRT
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
66
x-cache-hits
1
newsroom.js
c2.taboola.com/nr/correiodopovo/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/correiodopovo/newsroom.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dace3c80f41ab245b0c1ed8ee192cfda1cc764a4a15e83c28bdbae529b1d1ee3

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"6d0a3d0a56a0d3318f9c30ce3d5680fb"
age
0
x-cache
HIT
content-length
16138
x-amz-id-2
7DKs2DsYvaV1G02Ubuz99aHAtEPR03C7dUNBnQ3zbtBYKQu+pgKbWNBKEWA+1EigqJRlfdHt/q8=
x-served-by
cache-hhn11541-HHN
last-modified
Fri, 04 Sep 2020 23:39:48 GMT
server
AmazonS3
x-timer
S1622383579.995759,VS0,VE118
date
Sun, 30 May 2021 14:06:19 GMT
vary
Accept-Encoding
x-amz-request-id
M8PMQTBNNDVNBMGR
via
1.1 varnish
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
css
fonts.googleapis.com/ 		4 KB
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 13:32:34 GMT
server
ESF
date
Sun, 30 May 2021 14:06:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 14:06:18 GMT
58ee86211d42061afb000002
cms-media-api.r7.com/menu/ 		30 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cms-media-api.r7.com/menu/58ee86211d42061afb000002
Requested by
Host: barra.r7.com
URL: https://barra.r7.com/barra.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3277d89c9ed0fce41b518b0320f0580cd28898d6e95558554551dda824ab7a1a

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:06:18 GMT
Content-Encoding
gzip
ETag
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, DELETE, OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
!no-store, must-revalidate, max-age=120
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
4985
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:15:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:13:07 GMT
server
sffe
age
190260
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19264
x-xss-protection
0
expires
Sat, 28 May 2022 09:15:18 GMT
glyphicons-halflings-regular.woff
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
7f98ff9434849daca0cadf865d4639a48d85a7ad473a30961680c7f285a885eb

Request headers

:path
/polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
pragma
no-cache
origin
https://www.correiodopovo.com.br
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.correiodopovo.com.br
Referer
https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
last-modified
Fri, 01 Mar 2019 17:19:18 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
application/x-font-woff;charset=utf-8
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
ClanOT-Book.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ 		95 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Book.otf
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
c9ef226218315b5804f91c7ae1b34352194e14f1dac157c814325d179dbcc25d

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Book.otf
pragma
no-cache
origin
https://www.correiodopovo.com.br
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.correiodopovo.com.br
Referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Book.otf
last-modified
Tue, 09 Mar 2021 18:43:43 GMT
server
nginx/1.12.2
age
42
x-cache
HIT
content-type
application/octet-stream;charset=utf-8
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
45109
expires
Tue, 29 Jun 2021 14:06:18 GMT
ClanOT-News.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ 		95 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-News.otf
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
9a877726a7ea75d3ff46da702d8e1efbf615f7af09763ac702b2fe96f3e6f998

Request headers

:path
/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-News.otf
pragma
no-cache
origin
https://www.correiodopovo.com.br
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.correiodopovo.com.br
Referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-News.otf
last-modified
Tue, 09 Mar 2021 18:43:43 GMT
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
application/octet-stream;charset=utf-8
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:18 GMT
hiltor.png
www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.9&w=360&$p$f$q$w=4b00dcf
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
ee02e8a1152b104e2b5eeba69154b873ad70a9422be49e4e4909ab016c9257df

Request headers

:path
/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.9&w=360&$p$f$q$w=4b00dcf
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
189676
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
22188
expires
Tue, 29 Jun 2021 14:06:18 GMT
jurandir.png
www.correiodopovo.com.br/image/policy:1.490138:1601522967/image/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490138:1601522967/image/jurandir.png?f=1x1&q=0.9&w=360&$p$f$q$w=44f0cae
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
06312eaf6212c106b7eb9c622c7023c9a0991b83a098b666ca0ca40efc503a2b

Request headers

:path
/image/policy:1.490138:1601522967/image/jurandir.png?f=1x1&q=0.9&w=360&$p$f$q$w=44f0cae
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
169649
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
21864
expires
Tue, 29 Jun 2021 14:06:18 GMT
taline.png
www.correiodopovo.com.br/image/policy:1.490134:1601522966/image/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490134:1601522966/image/taline.png?f=1x1&q=0.9&w=360&$p$f$q$w=4c53641
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
49582fd71fd13d10cd0d8071d8ddbf9abc5f5292e5f2bf83ff4028cd99dc16ea

Request headers

:path
/image/policy:1.490134:1601522966/image/taline.png?f=1x1&q=0.9&w=360&$p$f$q$w=4c53641
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
190658
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
18710
expires
Tue, 29 Jun 2021 14:06:18 GMT
juremir.png
www.correiodopovo.com.br/image/policy:1.490137:1601522967/image/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490137:1601522967/image/juremir.png?f=1x1&q=0.9&w=360&$p$f$q$w=f0c0c40
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
e67c7005f97f0b57b13f0725ab31c7b0c27aff3753701b6e8fd7631e163e5209

Request headers

:path
/image/policy:1.490137:1601522967/image/juremir.png?f=1x1&q=0.9&w=360&$p$f$q$w=f0c0c40
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
176728
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
18528
expires
Tue, 29 Jun 2021 14:06:18 GMT
guilherme.png
www.correiodopovo.com.br/image/policy:1.490140:1601522968/image/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490140:1601522968/image/guilherme.png?f=1x1&q=0.9&w=360&$p$f$q$w=76b46ee
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
f7a939d43320bc1e8606404dfb97b3ac8cd6c32bb3f821d47112c36f343f3109

Request headers

:path
/image/policy:1.490140:1601522968/image/guilherme.png?f=1x1&q=0.9&w=360&$p$f$q$w=76b46ee
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
157332
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
15166
expires
Tue, 29 Jun 2021 14:06:18 GMT
conill.png
www.correiodopovo.com.br/image/policy:1.490143:1601522968/image/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490143:1601522968/image/conill.png?f=1x1&q=0.9&w=360&$p$f$q$w=5265847
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
d3674fcd1c65192a32ebf67cc37b9aa3dbd5a83b1f67b590c7e2d08d30eae1d4

Request headers

:path
/image/policy:1.490143:1601522968/image/conill.png?f=1x1&q=0.9&w=360&$p$f$q$w=5265847
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
141166
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
15134
expires
Tue, 29 Jun 2021 14:06:18 GMT
nando.png
www.correiodopovo.com.br/image/policy:1.490125:1601522850/image/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490125:1601522850/image/nando.png?f=1x1&q=0.9&w=360&$p$f$q$w=94728cc
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
ee2eb05a42f913e9d0b507359bf249acc024088eae85e30976cca0169a557cd2

Request headers

:path
/image/policy:1.490125:1601522850/image/nando.png?f=1x1&q=0.9&w=360&$p$f$q$w=94728cc
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
154908
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
16348
expires
Tue, 29 Jun 2021 14:06:18 GMT
bessi.png
www.correiodopovo.com.br/image/policy:1.490144:1601522969/image/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490144:1601522969/image/bessi.png?f=1x1&q=0.9&w=360&$p$f$q$w=0159d65
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
af1f381103707015c1efb1924b9104a024a2a78c7c9e8a94f374764d19e6529e

Request headers

:path
/image/policy:1.490144:1601522969/image/bessi.png?f=1x1&q=0.9&w=360&$p$f$q$w=0159d65
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
176614
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
18416
expires
Tue, 29 Jun 2021 14:06:18 GMT
alexandre.png
www.correiodopovo.com.br/image/policy:1.488037:1601342579/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.488037:1601342579/alexandre.png?f=1x1&q=0.9&w=360&$p$f$q$w=885fff7
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
fa7f3e34aeffa172cebd8a89c53a94f3fb5804b9c6b2ddeccdfc14e95d163ffb

Request headers

:path
/image/policy:1.488037:1601342579/alexandre.png?f=1x1&q=0.9&w=360&$p$f$q$w=885fff7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
172753
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
17428
expires
Tue, 29 Jun 2021 14:06:18 GMT
gonzaga.png
www.correiodopovo.com.br/image/policy:1.490141:1601522968/image/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490141:1601522968/image/gonzaga.png?f=1x1&q=0.9&w=360&$p$f$q$w=f2519d3
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
e1525da0eb146a3c688ebfdb6c6e70e0488f8e39fbc4c61a7fbd62c906dd0747

Request headers

:path
/image/policy:1.490141:1601522968/image/gonzaga.png?f=1x1&q=0.9&w=360&$p$f$q$w=f2519d3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
194247
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
21096
expires
Tue, 29 Jun 2021 14:06:18 GMT
Prancheta%2048.png
www.correiodopovo.com.br/image/policy:1.490135:1601522966/image/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490135:1601522966/image/Prancheta%2048.png?f=1x1&q=0.9&w=360&$p$f$q$w=bce90c1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
13ccb9daf82a23a5a1c8b7fbcd074b720fa6bb5144ab2a95d17ab6fc83a2f913

Request headers

:path
/image/policy:1.490135:1601522966/image/Prancheta%2048.png?f=1x1&q=0.9&w=360&$p$f$q$w=bce90c1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
server
Azion IMS
x-original-image-size
164232
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
17390
expires
Tue, 29 Jun 2021 14:06:18 GMT
JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:21 GMT
server
sffe
age
14560
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19240
x-xss-protection
0
expires
Mon, 30 May 2022 10:03:38 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 03:56:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:03 GMT
server
sffe
age
209365
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19272
x-xss-protection
0
expires
Sat, 28 May 2022 03:56:53 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ 		232 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87658
x-xss-protection
0
server
cafe
etag
5316214545020586774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/ Frame A0C3 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210524/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210524/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 29 May 2021 22:01:17 GMT
expires
Sat, 12 Jun 2021 22:01:17 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
age
57901
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prebid.js
v3.denakop.com/ 		193 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.denakop.com/prebid.js
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20f4e658ca4e7fae8204a198a8c770d19b8eb3e13cca4ddab9769f108173f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2616
cf-polished
origSize=197617
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f31e76300002c4a770dc000000001
last-modified
Tue, 25 May 2021 19:17:38 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60ad4d52-303f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
657885b89d932c4a-FRA
cf-bgj
minify
correiodopovo.com.br
v3.denakop.com/ad-request/10102/desktop/ 		675 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.denakop.com/ad-request/10102/desktop/correiodopovo.com.br
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72aed1997751de7e8f28a344f8313a83b283266bde77975b198cdac981075dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
private, max-age=1800
access-control-allow-credentials
true
cf-ray
657885b89d912c4a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f31e76300002c4a362af000000001
profiles.js
d.tailtarget.com/ Frame 8E55 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/profiles.js
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:13:08 GMT
content-encoding
gzip
age
13991
x-guploader-uploadid
ABg5-UxyCYIXdqHmmHs4aoMCxbQa2JRASriV-CoStsb9KXuUuNaRQa3j24y_ug1JW0ECyJRjFYvpUb7aOxNDjQ7RqVU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
5285
last-modified
Mon, 19 Apr 2021 15:43:34 GMT
server
UploadServer
etag
"603f25fd36318626ab410174bd3e1cd3"
x-goog-hash
crc32c=QOm0Sg==, md5=YD8l/TYxhiarQQF0vT4c0w==
content-language
en
x-goog-generation
1618847014064238
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
5285
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 31 May 2021 10:13:08 GMT
204496277643064
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/204496277643064?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
425986da2e02da8b34033595c0bc8208f07136653cae6b24393ee50bd35b8415
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
4Drc//EgTFuBI0iWyD+D2Tm59rcmEjAfc7GAYQWIgsM3osFXGm5/R5DogJNpXwePCv8fQGENACJcJdbROfAhDg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 30 May 2021 14:06:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rules-p-HGAVM7nQJ_sep.js
rules.quantcount.com/ 		3 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 00:54:03 GMT
via
1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
age
47570
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 20:26:00 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
DFHWi5Dwj6TcRSsAe9szOfxxVNrR3Sd4qB-XQux7NP4Hqi-q6j7XwA==
js
www.googletagmanager.com/gtag/ 		119 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B73LS4GNNN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3284683e2501316168c3a9277ffdbb723b03978c2d0f5de0c20f69831e7dbe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46606
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:19 GMT
329022_2819.js
receiver.posclick.dinamize.com/forms/js/ 		87 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://receiver.posclick.dinamize.com/forms/js/329022_2819.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.23.208.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Dinamize-PcReceiver /
Resource Hash
961cb61d6a9bbaa0ef6485fcd8bb7b8dc500ab65e287cb3e98fff3ff75e48454

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
last-modified
Sun, 30 May 2021 14:06:19 GMT
server
Dinamize-PcReceiver
etag
2021-05-19 14:53:24.074365618 -0300 -03 m=+1.147663895
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
content-length
24502
profiles.js
barra.r7.com/tailtarget/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barra.r7.com/tailtarget/profiles.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-111.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3325fba4bc0b8a61018adb2d0bb0fa89a1ab92e7fb8459bc16d39209b82ad7f

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
last-modified
Wed, 14 Apr 2021 17:02:29 GMT
server
AkamaiNetStorage
etag
"8004950a941b96d9c812191aaaa6ce00:1618419749.19302"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=602605
accept-ranges
bytes
content-length
5253
prebid.js
tagmanager.smartadserver.com/ 		601 KB
188 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagmanager.smartadserver.com/prebid.js
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-113.deploy.static.akamaitechnologies.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
17f51b6b7becd307827ebd7e0184f13419a7df47827d58f758d958534ef32c58

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:06:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 13:48:07 GMT
Server
Apache/2.4.25 (Debian)
ETag
"964ff-5c0539461064b-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=142
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
192545
Expires
Sun, 30 May 2021 14:08:41 GMT
ac
www5.smartadserver.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=99869&async=1&visit=s&tmstp=4813918487&tag=sas_99869&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
903f83eda0232beac5bcea17d7072f288e81dbc9839eeab1ec432e2b74e42e44

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b15%3b80
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
10108470
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
age
405253
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
expires
Wed, 25 May 2022 21:32:06 GMT
dialogos.png
www.correiodopovo.com.br/image/policy:1.490581:1601576033/image/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490581:1601576033/image/dialogos.png?f=1x1&q=0.9&w=360&$p$f$q$w=3cf7946
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
5b8e349fe54136e445a39b530704cf05270fb20a6c144ea0267bd8176eb3698b

Request headers

:path
/image/policy:1.490581:1601576033/image/dialogos.png?f=1x1&q=0.9&w=360&$p$f$q$w=3cf7946
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
8640
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
3468
expires
Tue, 29 Jun 2021 14:06:19 GMT
pitlane.png
www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.9&w=360&$p$f$q$w=b981aef
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
6cd2df3d9315f215316ec08d7fe62c380aa3617e04bf459924e12b5f2e263c7a

Request headers

:path
/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.9&w=360&$p$f$q$w=b981aef
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
24799
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
3556
expires
Tue, 29 Jun 2021 14:06:19 GMT
cenarock.png
www.correiodopovo.com.br/image/policy:1.490576:1601576032/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490576:1601576032/image/cenarock.png?f=1x1&q=0.9&w=360&$p$f$q$w=121b5d6
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
f9a3c8c5712cba189115d7a63fbd487719a42ab0d628dc63b0cd506cf1914e97

Request headers

:path
/image/policy:1.490576:1601576032/image/cenarock.png?f=1x1&q=0.9&w=360&$p$f$q$w=121b5d6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
42068
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4618
expires
Tue, 29 Jun 2021 14:06:19 GMT
planocarreira.png
www.correiodopovo.com.br/image/policy:1.490585:1601576035/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490585:1601576035/image/planocarreira.png?f=1x1&q=0.9&w=360&$p$f$q$w=fd4fad1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
600ff561432bee59a33c280363a5581abc236781c2f29d56d04a8588d9546359

Request headers

:path
/image/policy:1.490585:1601576035/image/planocarreira.png?f=1x1&q=0.9&w=360&$p$f$q$w=fd4fad1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
27000
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
3708
expires
Tue, 29 Jun 2021 14:06:19 GMT
correiofeminino.png
www.correiodopovo.com.br/image/policy:1.490579:1601576033/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490579:1601576033/image/correiofeminino.png?f=1x1&q=0.9&w=360&$p$f$q$w=89a48d9
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
5e9053378edea86a34d5c4cbe3c55b92694ff648e79930224b842a730de76189

Request headers

:path
/image/policy:1.490579:1601576033/image/correiofeminino.png?f=1x1&q=0.9&w=360&$p$f$q$w=89a48d9
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
40227
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4758
expires
Tue, 29 Jun 2021 14:06:19 GMT
fotocorreio.png
www.correiodopovo.com.br/image/policy:1.490574:1601576031/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490574:1601576031/image/fotocorreio.png?f=1x1&q=0.9&w=360&$p$f$q$w=2ca0c40
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
14cc03bc3cb62a25bc65bb84d6a79e30a8e18abfdd395ecc9000861ee45443dd

Request headers

:path
/image/policy:1.490574:1601576031/image/fotocorreio.png?f=1x1&q=0.9&w=360&$p$f$q$w=2ca0c40
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
41706
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4336
expires
Tue, 29 Jun 2021 14:06:19 GMT
carrosemotos.png
www.correiodopovo.com.br/image/policy:1.490586:1601576035/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490586:1601576035/image/carrosemotos.png?f=1x1&q=0.9&w=360&$p$f$q$w=b7bd3d6
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
508fba79123a7eca704546da35ebb132e46337686b8a5a67c4211e0a16e28e8e

Request headers

:path
/image/policy:1.490586:1601576035/image/carrosemotos.png?f=1x1&q=0.9&w=360&$p$f$q$w=b7bd3d6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
26579
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4220
expires
Tue, 29 Jun 2021 14:06:19 GMT
dialogosnovo.png
www.correiodopovo.com.br/image/policy:1.490809:1601591726/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490809:1601591726/image/dialogosnovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=e228cf0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
466acd3ef2156a1e8d6d03e52cce266d34fc3bcc6935dfaacd538ec88c0b198d

Request headers

:path
/image/policy:1.490809:1601591726/image/dialogosnovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=e228cf0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
11381
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
3930
expires
Tue, 29 Jun 2021 14:06:19 GMT
cinecp.png
www.correiodopovo.com.br/image/policy:1.490582:1601576034/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490582:1601576034/image/cinecp.png?f=1x1&q=0.9&w=360&$p$f$q$w=8ecc1e0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
65b902c64261cb352f2ee7f0c06de82d636f5e2a026fac7894e8cc505ccc7624

Request headers

:path
/image/policy:1.490582:1601576034/image/cinecp.png?f=1x1&q=0.9&w=360&$p$f$q$w=8ecc1e0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
28419
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4402
expires
Tue, 29 Jun 2021 14:06:19 GMT
seculonovo.png
www.correiodopovo.com.br/image/policy:1.490810:1601591727/image/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490810:1601591727/image/seculonovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=8c77f46
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
d4852e0c1e28302c1d482a7afe0c0cd2caf3207aa83bb34cdfa182dd2e6386ae

Request headers

:path
/image/policy:1.490810:1601591727/image/seculonovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=8c77f46
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
49818
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
8110
expires
Tue, 29 Jun 2021 14:06:19 GMT
logo%20of-jor02.png
www.correiodopovo.com.br/image/policy:1.515193:1604606827/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.515193:1604606827/logo%20of-jor02.png?f=1x1&q=0.9&w=360&$p$f$q$w=995a2dd
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
e2d9bd9f5ffc43461e3a39c12001ed9c90664a090e83eb7985434dd93c283e21

Request headers

:path
/image/policy:1.515193:1604606827/logo%20of-jor02.png?f=1x1&q=0.9&w=360&$p$f$q$w=995a2dd
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
34768
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
12048
expires
Tue, 29 Jun 2021 14:06:19 GMT
campereada.png
www.correiodopovo.com.br/image/policy:1.490577:1601576032/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490577:1601576032/image/campereada.png?f=1x1&q=0.9&w=360&$p$f$q$w=e6f6f9b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
8248af8592a78954b8050a4f78d12e1680a57a0f2a8884bae9eec06116d3d8c5

Request headers

:path
/image/policy:1.490577:1601576032/image/campereada.png?f=1x1&q=0.9&w=360&$p$f$q$w=e6f6f9b
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
24813
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4240
expires
Tue, 29 Jun 2021 14:06:19 GMT
bichoamigo.png
www.correiodopovo.com.br/image/policy:1.490578:1601576033/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490578:1601576033/image/bichoamigo.png?f=1x1&q=0.9&w=360&$p$f$q$w=19ed566
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
74c58dceae9cbe820cdf7d14bf41fd03a98f9e19cfc5a96327d0c13db2777390

Request headers

:path
/image/policy:1.490578:1601576033/image/bichoamigo.png?f=1x1&q=0.9&w=360&$p$f$q$w=19ed566
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
33055
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
4332
expires
Tue, 29 Jun 2021 14:06:19 GMT
livrosamais.png
www.correiodopovo.com.br/image/policy:1.490584:1601576034/image/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.490584:1601576034/image/livrosamais.png?f=1x1&q=0.9&w=360&$p$f$q$w=57ef8e7
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
66623b0935ee7dfbc98fcace56472beb123f03c695a443c8793ae1d0f9c22b3b

Request headers

:path
/image/policy:1.490584:1601576034/image/livrosamais.png?f=1x1&q=0.9&w=360&$p$f$q$w=57ef8e7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
40778
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
5496
expires
Tue, 29 Jun 2021 14:06:19 GMT
/
vacina.saude.rs.gov.br/ Frame BAEF 		4 MB
660 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0 ASP.NET
Resource Hash
68a2dd980b4129eb4b52d803dcd12b960fa872dbee8fa53d40a8b1bce1ab162c

Request headers

:method
GET
:authority
vacina.saude.rs.gov.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html
content-encoding
gzip
last-modified
Sun, 30 May 2021 12:12:24 GMT
accept-ranges
bytes
etag
"3897ec-5c38b05934d44"
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0 ASP.NET
date
Sun, 30 May 2021 14:06:20 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1622383579146&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1622383579146&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
64 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1622383579146&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-116.dus51.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
hMhGmJZotz8p4zK6pMQsI7Kn6Ty98aBozv_t9TSHjZM0Hn06MB786Q==

Redirect headers

date
Sun, 30 May 2021 14:06:19 GMT
via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1622383579146&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
content-length
184
x-amz-cf-id
8FJu7lefE5rGiDo8CspLsNGRzkr1Y7bkt5oAyxfE2rZhCQpky_fdyQ==
cookie.js
partner.googleadservices.com/gampad/ 		210 B
266 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-3488053582622085
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4754d63697b4929293d4a37bca2a1707a35ef626f343a9c480d8b6abca03c1cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 640D 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1622383579&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A134217856%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383578941&bpp=5&bdt=591&idt=214&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5858417810452&frm=20&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383579&ga_hid=1420106494&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=488355705424272&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1622383579&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A134217856%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383578941&bpp=5&bdt=591&idt=214&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5858417810452&frm=20&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383579&ga_hid=1420106494&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=488355705424272&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=248
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 May 2021 14:06:19 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 30-May-2021 14:21:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 May 2021 14:06:19 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:19 GMT
ENERGIASOLAR_PAINEIS_POA.jpg
www.correiodopovo.com.br/image/policy:1.627945:1622249299/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.627945:1622249299/ENERGIASOLAR_PAINEIS_POA.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=1b2c655&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
ee4b4e078105ba1eda7657eb89a1dedab2118f7485e44364940501be87cf689c

Request headers

:path
/image/policy:1.627945:1622249299/ENERGIASOLAR_PAINEIS_POA.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=1b2c655&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
20842
expires
Tue, 29 Jun 2021 14:06:19 GMT
92-1.jpg
www.correiodopovo.com.br/image/policy:1.627621:1622226812/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.627621:1622226812/92-1.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=670dbcc&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
13525031ba4cbb31fad3d6255f815a1f5652b853db2cb353c3dd113f77511cb1

Request headers

:path
/image/policy:1.627621:1622226812/92-1.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=670dbcc&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept, User-Agent
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
10920
expires
Tue, 29 Jun 2021 14:06:19 GMT
imagem-de-army-of-the-dead-1580502308039_v2_1210x544.jpg
www.correiodopovo.com.br/image/policy:1.626976:1622140485/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.626976:1622140485/imagem-de-army-of-the-dead-1580502308039_v2_1210x544.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=6a14f23&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
89e257af7797e5e9f60aa21a99fac86a9c0be1b14c8909cd2c69b7c756f9936b

Request headers

:path
/image/policy:1.626976:1622140485/imagem-de-army-of-the-dead-1580502308039_v2_1210x544.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=6a14f23&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
19572
expires
Tue, 29 Jun 2021 14:06:19 GMT
wind-farm-1209335.jpg
www.correiodopovo.com.br/image/policy:1.584689:1615486900/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.584689:1615486900/wind-farm-1209335.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=745a0aa&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
8048551008ffd51823ff935cfe8b20691143984aa7bc3b7d2e720af92ee54a98

Request headers

:path
/image/policy:1.584689:1615486900/wind-farm-1209335.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=745a0aa&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
16146
expires
Tue, 29 Jun 2021 14:06:19 GMT
NOITEDOSMUSEUS2019_PUBLICO190518J.jpg
www.correiodopovo.com.br/image/policy:1.532081:1607100841/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.532081:1607100841/NOITEDOSMUSEUS2019_PUBLICO190518J.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=81d69d8&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
a6b771e9d8e68cfa8ef0d0bc8e3cbe90ed3e4cb2767155953383360caae1b4ac

Request headers

:path
/image/policy:1.532081:1607100841/NOITEDOSMUSEUS2019_PUBLICO190518J.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=81d69d8&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
14188
expires
Tue, 29 Jun 2021 14:06:19 GMT
CABINEDEVOTACAODOTREPOA.jpg
www.correiodopovo.com.br/image/policy:1.520273:1605302767/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.520273:1605302767/CABINEDEVOTACAODOTREPOA.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f70c9a3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
cfef45803dc66cb82642977c78b48f4f53b9d03a7bb0c0ed3c91f1f17fada608

Request headers

:path
/image/policy:1.520273:1605302767/CABINEDEVOTACAODOTREPOA.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f70c9a3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
6594
expires
Tue, 29 Jun 2021 14:06:19 GMT
INCENDIONAAMAZONIA190825.jpg
www.correiodopovo.com.br/image/policy:1.456793:1595967208/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.456793:1595967208/INCENDIONAAMAZONIA190825.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=64205f1&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
d14a92927736ceba28302c4a9912a202758709026fa4b609183b224c254fce6a

Request headers

:path
/image/policy:1.456793:1595967208/INCENDIONAAMAZONIA190825.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=64205f1&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
23524
expires
Tue, 29 Jun 2021 14:06:19 GMT
CONFLITONAALEMANHAEM1920.jpg
www.correiodopovo.com.br/image/policy:1.406675:1584663803/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.406675:1584663803/CONFLITONAALEMANHAEM1920.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f0a14f3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
75046723690e555b59fc656ce2b75707fb2e249e7d9446d007210cbec429007c

Request headers

:path
/image/policy:1.406675:1584663803/CONFLITONAALEMANHAEM1920.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f0a14f3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
29062
expires
Tue, 29 Jun 2021 14:06:19 GMT
gremiocoronaGT13.jpg
www.correiodopovo.com.br/image/policy:1.406650:1584655134/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.406650:1584655134/gremiocoronaGT13.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=4b0672b&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
814fbfc1804f477d3a12ef1a73ab55d287331f176ef7c96ea0049c4cfeb806f4

Request headers

:path
/image/policy:1.406650:1584655134/gremiocoronaGT13.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=4b0672b&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
9148
expires
Tue, 29 Jun 2021 14:06:19 GMT
WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg
www.correiodopovo.com.br/image/policy:1.401717:1582743154/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.401717:1582743154/WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=54b6129&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
ec2e1296380c1680aef32b3123b5d26e3a343b94e14fda81520920cecc93cee4

Request headers

:path
/image/policy:1.401717:1582743154/WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=54b6129&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
14730
expires
Tue, 29 Jun 2021 14:06:19 GMT
000_1P67ML.jpg
www.correiodopovo.com.br/image/policy:1.401058:1582333779/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.401058:1582333779/000_1P67ML.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=701184a&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
4c051a904ed3bc243e02450daa9e52e53f378348f4e3e997c8c94134b1553484

Request headers

:path
/image/policy:1.401058:1582333779/000_1P67ML.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=701184a&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
20584
expires
Tue, 29 Jun 2021 14:06:19 GMT
CONCEICAOEVARISTO.jpg
www.correiodopovo.com.br/image/policy:1.397524:1580848385/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.397524:1580848385/CONCEICAOEVARISTO.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=6da6c81&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
42fc70955f09c40a96eb48b58d9f6e088a33b41ce5e925906b3c6eaae32e90c2

Request headers

:path
/image/policy:1.397524:1580848385/CONCEICAOEVARISTO.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=6da6c81&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
14550
expires
Tue, 29 Jun 2021 14:06:19 GMT
the-dead-line-in-the-raod-1175899-1599x1024.jpg
www.correiodopovo.com.br/image/policy:1.392853:1578957861/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.392853:1578957861/the-dead-line-in-the-raod-1175899-1599x1024.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=678551e&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
46fd479ffb31457f997272daabf4e1791a0f0814c2127888ef6ecd526d37d00b

Request headers

:path
/image/policy:1.392853:1578957861/the-dead-line-in-the-raod-1175899-1599x1024.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=678551e&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
2438
expires
Tue, 29 Jun 2021 14:06:19 GMT
IAR%202019-79.jpg
www.correiodopovo.com.br/image/policy:1.377823:1572903045/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.377823:1572903045/IAR%202019-79.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f20df16&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
18c87d635507565f16cae963e310d041099274a6788a409f49ca7dcb1fd5d0bb

Request headers

:path
/image/policy:1.377823:1572903045/IAR%202019-79.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f20df16&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2027
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
16342
expires
Tue, 29 Jun 2021 14:06:19 GMT
load.js
widget.perfectmarket.com/correiodopovo/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/correiodopovo/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
423ae58602522fab7a5f245fa6f8a214da4a76f0a8d8a6b1f809a5ef6dd75b86

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OX_wFyoLLxdy6CvRXTBfoc.VwLgDWCuR
content-encoding
gzip
etag
"958ac9562841470c9f6dee2a6538099e"
age
0
x-cache
HIT, MISS
content-length
1253
x-amz-id-2
xu35XkvAzETqqvzdHExxtZ7+rsegu1SozGjV33oXU+Stu3w9ZOdnKrtQpEgmvr0qJ8aAgCIgoOo=
x-served-by
cache-lax10649-LGB, cache-bma1650-BMA
last-modified
Thu, 09 Apr 2020 05:41:41 GMT
server
AmazonS3
x-timer
S1622383579.348924,VS0,VE337
date
Sun, 30 May 2021 14:06:19 GMT
vary
Accept-Encoding,,
x-amz-request-id
HEZQC5N26X98E8KZ
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 0
impl.20210530-6-RELEASE.js
cdn.taboola.com/libtrc/ 		491 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210530-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
06d5135164cf7ce56902eefb2a0e6489574b843dccf3675b26dbef2eadb6da0e

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
SaWnxFrxWeZVyTG2j98mBPdRFPSYXHxU
content-encoding
br
etag
"88c5332ddcffd7549763ad8e046bfd5b"
age
8602
x-cache
HIT
content-length
114903
x-amz-id-2
WtklfUOFG4tATmLjHLTXXl3DrW0R5phZelcAReYPDydtWxxYKpQd7/6hNffIzxXIfWSkS4rT9l0=
x-served-by
cache-hhn11578-HHN
last-modified
Sun, 30 May 2021 11:38:07 GMT
server
AmazonS3-br
x-timer
S1622383579.289107,VS0,VE0
date
Sun, 30 May 2021 14:06:19 GMT
vary
Accept-Encoding
x-amz-request-id
FDP7RGQZ2BSZ1YK9
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
27
x-cache-hits
100137
profile
d.t.tailtarget.com/ Frame 8E55 		92 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.t.tailtarget.com/profile
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
via
1.1 google
cache-control
max-age=3600
alt-svc
clear
expires
Sun, 30 May 2021 15:06:19 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 		237 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38925d240f4b29b4c9fa9607af4efac53ada2ed1659acdf69262934abb6223a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 18:48:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 15:07:34 GMT
server
sffe
age
242250
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83874
x-xss-protection
0
expires
Fri, 27 May 2022 18:48:49 GMT
pixel;r=1020179238;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.correiodopovo.com.br%2F;uht=2;fpan=1;fpa=P0-54038982-1622383579320;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1020179238;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.correiodopovo.com.br%2F;uht=2;fpan=1;fpa=P0-54038982-1622383579320;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=correiodopovo.com.br;je=0;sr=1600x1200x24;dst=1;et=1622383579320;tzo=-120;ogl=title.Correio%20do%20Povo%2Csite_name.Correio%20do%20Povo%2Curl.https%3A%2F%2Fwww%252Ecorreiodopovo%252Ecom%252Ebr%2F%2Cdescription.%2Ctype.website
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=204496277643064&ev=PageView&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&rl=&if=false&ts=1622383579338&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.2.1622383579336.1893117386&it=1622383579030&coo=false&exp=l1&rqm=GET
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 30 May 2021 14:06:19 GMT
collect
www.google-analytics.com/g/ 		0
78 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-B73LS4GNNN&gtm=2oe5q1&_p=1420106494&sr=1600x1200&ul=en-us&cid=1791129875.1622383579&_s=1&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dt=Correio%20do%20Povo&sid=1622383579&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B73LS4GNNN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe_api
www.youtube.com/ 		980 B
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c47d2f26c45aa2edee7054b2eaea7935b3a114adc98042c8f801f4b263f1e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:19 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210530
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa68690e91a4fd57e531b973bf7d5b4fe294a924b260dc424b0ecfd964d7214a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
39910
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
955
etag
W/"69a-dLVrqpRD2E7B3igZnRcPV8vii0k"
x-served-by
cache-fra19164-FRA, cache-hhn4028-HHN
date
Sun, 30 May 2021 14:06:19 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=74742383033
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=876518600
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:18 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=62524362721
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=24202830463
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:18 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
get-action
nr-events.taboola.com/newsroom/1.0/correiodopovo/ 		132 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/correiodopovo/get-action?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=187140057136968091&page.template=home&page.dashboard=home
Requested by
Host: c2.taboola.com
URL: https://c2.taboola.com/nr/correiodopovo/newsroom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
03409cd7411458e049326fd43e6781ab4776e36c168e56d16c5e20807565399f

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.44.225.247:8080
date
Sun, 30 May 2021 14:06:19 GMT
via
1.1 varnish
server
nginx
x-timer
S1622383580.500280,VS0,VE9
x-served-by
cache-hhn11578-HHN
x-cache
MISS
content-type
application/json;charset=UTF-8
accept-ranges
bytes
content-length
132
x-application-context
front-page-event-server:production
x-cache-hits
0
postmessageRelay
accounts.google.com/o/oauth2/ Frame 9BB2 		566 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf86e918e148f2dac51be2ff472dfd9181096690f868fc3883ace839ea916ee8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AY103nc2Uo08cbVokSKMyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=216=b5HE3ysoWaHAsmOFKnFSKgRAPxm6nGwS1oIXPRNL32Ykuoq-3E3BA4iA1WZgcqCc1tOrPIMNZRiS-MqOaD8-U-ynaflQD5W7u6eK2GsORaKn_uh7OkLkHnzdUukSVD-pqMCR8uWmMrmJE8fyDCgw5OXybXyuiICYxujkCJmzxlI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 30 May 2021 14:06:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-AY103nc2Uo08cbVokSKMyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
stories-vertical-ui.20210530-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		585 B
686 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/stories-vertical-ui.20210530-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c888181a33972580a293f93de0dc3ca3f95628d604f76e58b8e3dc5987a3714c

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GkQHmWe4yqYFnNwxljVzPnDd29pEErLf
content-encoding
gzip
etag
"5fa4f61f5aa361e0770a34a3ed8e17f3"
age
8480
x-cache
HIT
x-amz-replication-status
PENDING
content-length
316
x-amz-id-2
yENtf+uqUQoiP/MPk0pNtG9cUHr0wek8kaDEifDdPEeSTm2lKAHmYqB556wsUomuIZ4JrbkXPgM=
x-served-by
cache-hhn11578-HHN
last-modified
Sun, 30 May 2021 11:44:58 GMT
server
AmazonS3
x-timer
S1622383580.574969,VS0,VE0
date
Sun, 30 May 2021 14:06:19 GMT
vary
Accept-Encoding
x-amz-request-id
VY80R57M7E428759
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
27
x-cache-hits
116581
notify-impression
nr-events.taboola.com/newsroom/1.0/correiodopovo/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr-events.taboola.com/newsroom/1.0/correiodopovo/notify-impression?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=187140057136968091&page.template=home&page.dashboard=home
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.45.228.66:8080
date
Sun, 30 May 2021 14:06:19 GMT
via
1.1 varnish
server
nginx
x-timer
S1622383580.589163,VS0,VE8
x-served-by
cache-hhn11578-HHN
x-cache
MISS
accept-ranges
bytes
x-application-context
front-page-event-server:production
x-cache-hits
0
initcb
webservices.webspectator.com/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webservices.webspectator.com/initcb?appId=2782&vId=7BCDAC1F457D1512&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1622383579596&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/init?appId=GTAYHGT2&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1622383578732
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.192.67.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
WildFly/10 / Undertow/1
Resource Hash
f141f5c8d8a386596dafb30751b91df4faa740d176e3fc1ef6db66edda40d98b

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:19 GMT
Content-Encoding
gzip
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
X-NoCache
true
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/0b643cd1/www-widgetapi.vflset/ 		122 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b643cd1/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cda094b418f993e9af91feb07b3b5c09c5244cb83acd6d34d9217a8f689e9f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 08:05:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
21620
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41231
x-xss-protection
0
expires
Mon, 30 May 2022 08:05:59 GMT
capajornal.aspx
portal.correiodopovo.com.br/includes/input/ Frame 26AD 		224 B
330 B 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dbe0459d389f72356710d03e95a19ec9c7567d997669663c14cf59a218932865

Request headers

:method
GET
:authority
portal.correiodopovo.com.br
:scheme
https
:path
/includes/input/capajornal.aspx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

cache-control
public, max-age=1134
content-type
text/html; charset=utf-8
expires
Sun, 30 May 2021 14:25:13 GMT
last-modified
Sun, 30 May 2021 13:55:13 GMT
vary
*
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-origin
*
date
Sun, 30 May 2021 14:06:18 GMT
content-length
224
index.php
stg.truvidplayer.com/ 		977 B
755 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/index.php?sub_user_id=870&widget_id=3680&playlist_id=2617&m=a&cb=2778661053255069.5
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-31.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
a8cf69a63ad301f48215e497d0c01c6b59db2a7da64d278045b12f3b49a84a99

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-encoding
gzip
x-amz-cf-id
GXynJGzudyJ_eENN8LfdUPu3xcxAPcrWZn1AWr2nGdZwpBaJ_1lxHg==
ac
www5.smartadserver.com/ 		22 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=38077&async=1&visit=s&tmstp=4813918487&tag=sas_38077&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e5b77e18f570c03a69866a02eb1e7281e5ef072043fe6afd68abba126920919a

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:18 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b26%3b69
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
ac
www5.smartadserver.com/ 		22 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=31549&async=1&visit=s&tmstp=4813918487&tag=sas_31549&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
de4725cc1de7a73311f5c3cae1a2bd989f59f404fc53f8b216b8c5efe1b93bea

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b3%3b59
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
client:platform.js
apis.google.com/js/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client:platform.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56f2a1bd4b602a28ea69fde2910ce59d2c41449c6ed1cef157066db214489133
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XPzr31Jj892fz0l/O4C+HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"3c7f7b0ac4925ef74737c4ef36d8dac6"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-XPzr31Jj892fz0l/O4C+HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:19 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48383e5afdcb0c170f0a020a9ce7267962745588e7b64620d1a901c751012774
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Kvfo05mzSWyO7r0oKck7Fg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
x-fb-rlafr
0
x-fb-debug
BXrZr+kTw9OCN4XP+cVRK00g4xi8iTxO4TsfldbrVmCzNi9nlSGs0EeMgf1KJ3V0kPV7UKk5SxFUaeD2DYf/sg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
f35fb0cbcc71faa1348930de1f9bba00
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 30 May 2021 14:06:19 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"afac0aa327faf2bf23445004149c1df1"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 30 May 2021 14:18:00 GMT
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6794) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:06:19 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
733
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28779
x-tw-cdn
VZ
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/6794)
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
truncated
/ 		51 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b715761e92524c9442ef612af378e2fdf19167f92492568f4961260e9f377a0a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
p.gif
www.correiodopovo.com.br/logger/ 		43 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/logger/p.gif?d=/2.200
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

:path
/logger/p.gif?d=/2.200
pragma
no-cache
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
x-cacheable
NO:Not-Cacheable
server
nginx/1.12.2
age
0
x-cache
MISS
content-type
image/gif
v
5
cache-control
max-age=2592000
accept-ranges
bytes
content-length
57
expires
Tue, 29 Jun 2021 14:06:19 GMT
json
trc.taboola.com/correiodopovo/trc/3/ 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/correiodopovo/trc/3/json?tim=16%3A06%3A19.647&lti=deflated&data=%7B%22id%22%3A719%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1622375361461%2C%22vi%22%3A1622383579644%2C%22cv%22%3A%2220210530-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A10657%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22cd%22%3A2449.96875%2C%22mw%22%3A1140%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-d%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%201x1%20Home%20Page%22%2C%22orig_uip%22%3A%22Right%20Rail%201x1%20Home%20Page%22%2C%22cd%22%3A6072.625%2C%22mw%22%3A336%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210530-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f2fd074267712dd99f55c596251444b59220f543d600bf42c5b72038e021bdb3

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
248
date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
server
nginx
x-timer
S1622383580.673116,VS0,VE248
x-served-by
cache-hhn11578-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
t3m.js
tags.t.tailtarget.com/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.8.1 /
Resource Hash
a5e707ebeb7fe50531dcd4341ed8d5d75ff393ed7144e8d51ba7a1fe88594329

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 12:41:56 GMT
content-encoding
gzip
age
5063
x-guploader-uploadid
ABg5-UyWGokt54Tx9hlUvMYUT4bWIZSQfp3w9sC2LMqGcriS3foY7o2343LFH0GdyCflc_5dMLOgAUmNZmNhNW85Xgc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
15513
last-modified
Thu, 20 May 2021 16:56:57 GMT
server
nginx/1.8.1
etag
"b2c3b520d7d357b26dbeaf2fd2db2f57"
vary
Accept-Encoding
x-goog-hash
crc32c=IkQx8g==, md5=ssO1INfTV7Jtvq8v0tsvVw==
x-goog-generation
1621529817721461
via
1.1 google
cache-control
max-age=7200,public
x-goog-stored-content-length
15513
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 30 May 2021 14:41:56 GMT
5adf2406bbb3eb0c0b000002
snippets.r7.com/snippet/ 		20 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippets.r7.com/snippet/5adf2406bbb3eb0c0b000002?callback=r7JsonpCallbackFooter
Requested by
Host: barra.r7.com
URL: https://barra.r7.com/footer/footer-portal/footer-portal.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6152bfeecad2d29b475f5c67e4e649551203ff8fe5aa99112964bdac59f138f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
etag
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
!no-store, must-revalidate, max-age=1800
accept-ranges
bytes
content-length
2112
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 21:31:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
405283
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 25 May 2022 21:31:36 GMT
fontawesome-webfont.woff
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/fonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
7a1d9a7fdb9f6de569ac49bbaafa22ad4dbd395d58bd166ea1b3689113de7f0b

Request headers

sec-fetch-mode
cors
origin
https://www.correiodopovo.com.br
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b
:path
/polopoly_fs/3.163.1615315420!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.correiodopovo.com.br
Referer
https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
x-cache-rule
YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
last-modified
Tue, 09 Mar 2021 18:43:42 GMT
server
nginx/1.12.2
age
43
x-cache
HIT
content-type
application/x-font-woff;charset=utf-8
v
5
cache-control
max-age=2592000
expires
Tue, 29 Jun 2021 14:06:19 GMT
temperaturatopo
www.correiodopovo.com.br/cmlink/ 		240 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.correiodopovo.com.br/cmlink/temperaturatopo
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
d1c1b72b84888109ab498bff1b1e7f6869f21c420e4b72e719e4b3521ee1fc22

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b
:path
/cmlink/temperaturatopo
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html, */*; q=0.01
cache-control
no-cache
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/html, */*; q=0.01
Referer
https://www.correiodopovo.com.br/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
x-cache-rule
YES with ttl: 60.000 /cmlink/temperaturatopo
x-cacheable
YES
server
nginx/1.12.2
age
9
vary
Accept-Encoding
x-cache
HIT
content-type
text/html;charset=utf-8
v
5
cache-control
max-age=300
accept-ranges
bytes
content-length
162
expires
Sun, 30 May 2021 14:11:19 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 		763 B
522 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fe2709db54fb3d3dc405af9a6dc0ba3f8b0a9c48bcd65866c971fa908e87965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 07:31:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
498
x-xss-protection
0
last-modified
Wed, 19 May 2021 15:07:34 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Mon, 30 May 2022 07:31:09 GMT
subscribe_embed
www.youtube.com/ Frame 532A 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c6b571c533cbbdd92050d83e034f87749357af65d54f02fab1336ae5f2bb2ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=bSjXxTXIrFE; VISITOR_INFO1_LIVE=WFZ6ZSZPJks
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 30 May 2021 14:06:19 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+785; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
2038943760-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 9BB2 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 05:56:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4265
x-xss-protection
0
last-modified
Wed, 26 May 2021 02:35:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 29 May 2022 05:56:08 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 9BB2 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
b
sb.scorecardresearch.com/ 		0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1622383579813&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-116.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
uh5J1dug2E1Xb-dlxxETnS5ZZYpalrCTjV_eyp-475LldRr7eOVzxA==
x-cache
Miss from cloudfront
b
sb.scorecardresearch.com/ 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=14194541&ns__t=1622383579813&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-116.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
IydXAeDkUGzIzQL7hDWK88pW-X9BNxpli7aWORcJ-UqkwQEEAE68hA==
x-cache
Miss from cloudfront
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.34.0&cb=53270257530
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		496 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
90cf17d96e39c02d4a40d61a6bee63a980fcdab9af5b1b22d41aa9267263cab9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:20 GMT
X-Proxy-Origin
185.236.42.202; 185.236.42.202; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.119:80
AN-X-Request-Uuid
723e2fa5-f0fb-4b4d-ba87-a3bdef75fd13
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
496
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		495 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
27b9c3dfc13ae75a252f4a4b373d78fc5847fb6d43f7ace203a336ad09ee04c8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:20 GMT
X-Proxy-Origin
185.236.42.202; 185.236.42.202; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.132:80
AN-X-Request-Uuid
2334c338-d7d0-47cc-9e68-c90c41a8b273
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
495
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9cb50d0018&cmd=bid&secure=1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
1f08d457c44a44d90b81e91529bb790b7e4be6fffee8fb7897d15a99d32ac166

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 May 2021 14:06:20 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9cb50d0018&cmd=bid&secure=1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
6b734e590bddfdf21347ee10542429341b1c47f7d1afafeac1b6988cbf59cc3f

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 May 2021 14:06:20 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9cb50d0018&cmd=bid&secure=1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
b4ab65cef5372eca17c0289cd9a2fa4404ae54d4847dcccb3f1bd0d0a292e28d

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 May 2021 14:06:20 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9d8d750019&cmd=bid&secure=1
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
27ecc7acc0fa67739b96ed12555be77a79eac5e0798fc54372e560603cf25d66

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 May 2021 14:06:20 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
.jpg
www.correiodopovo.com.br/image/policy:1.628357:1622381336/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.628357:1622381336/.jpg?f=3x2&$p$f=3d7bc82&w=1200&$w=9c05b01
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
a0188b6a639e9dbb37223ad5a3b2fc37507e64098cfc87c86cfc9dd3e3e0e2a4

Request headers

:path
/image/policy:1.628357:1622381336/.jpg?f=3x2&$p$f=3d7bc82&w=1200&$w=9c05b01
pragma
no-cache
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b; denakop_freq={}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
92956
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
96928
expires
Tue, 29 Jun 2021 14:06:19 GMT
.jpg
www.correiodopovo.com.br/image/policy:1.627959:1622251634/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.627959:1622251634/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
25678f774852d560199826a6b58ee56d79b39cdb853476c81c88af9e692d5f3b

Request headers

:path
/image/policy:1.627959:1622251634/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma
no-cache
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b; denakop_freq={}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
32796
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
31150
expires
Tue, 29 Jun 2021 14:06:19 GMT
.jpg
www.correiodopovo.com.br/image/policy:1.627938:1622248776/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.627938:1622248776/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
3deb4de030b04672efd89912ec81df3a7254e7e062e9600debe5c92edd6c77b6

Request headers

:path
/image/policy:1.627938:1622248776/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma
no-cache
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b; denakop_freq={}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
29834
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
27830
expires
Tue, 29 Jun 2021 14:06:19 GMT
.jpg
www.correiodopovo.com.br/image/policy:1.628317:1622338666/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.628317:1622338666/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
f0bcabc362262d1e092b9eccf8d9a17beb41f3fe20142b788709c5bede7764e5

Request headers

:path
/image/policy:1.628317:1622338666/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma
no-cache
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b; denakop_freq={}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
30249
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
26948
expires
Tue, 29 Jun 2021 14:06:19 GMT
.jpg
www.correiodopovo.com.br/image/policy:1.628289:1622330992/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.628289:1622330992/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
7a05b3c7a80fdddae80709d3629d1b68eb1e2b7f179cdb1d6f18d64c4bb019c3

Request headers

:path
/image/policy:1.628289:1622330992/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma
no-cache
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b; denakop_freq={}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
37766
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
36246
expires
Tue, 29 Jun 2021 14:06:19 GMT
.jpg
www.correiodopovo.com.br/image/policy:1.628307:1622336097/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.628307:1622336097/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
b9c5ebe7087c79a1238f4bc4570ed938ba6daf343abd24fd886d8976e1ef05c0

Request headers

:path
/image/policy:1.628307:1622336097/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma
no-cache
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b; denakop_freq={}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
33945
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
32060
expires
Tue, 29 Jun 2021 14:06:19 GMT
.jfif
www.correiodopovo.com.br/image/policy:1.627843:1622241238/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.627843:1622241238/.jfif?f=1x2&$p$f=1261986&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
nginx/1.12.2 /
Resource Hash
e890adc3d6afeb89eac22b54de7cd2796e99dc6a36b74371a6736d423e39fa33

Request headers

:path
/image/policy:1.627843:1622241238/.jfif?f=1x2&$p$f=1261986&w=360&$w=1071b2b
pragma
no-cache
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b; denakop_freq={}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
age
244
x-original-image-width
1280
v
5
x-rendered-image-height
540
x-cache
HIT
content-length
31585
x-cache-rule
YES with ttl: 600.000 /image/policy:1.627843:1622241238/.jfif?f=1x2&$p$f=1261986&w=360&$w=1071b2b
x-original-image-height
960
server
nginx/1.12.2
x-rendered-image-width
360
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 30 May 2021 14:11:19 GMT
.JPG
www.correiodopovo.com.br/image/policy:1.628047:1622297294/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.628047:1622297294/.JPG?f=1x2&$p$f=f7fc437&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
2652d95076e8367afbd56698c41ada9ec8130aa91724896701504f5f4b847063

Request headers

:path
/image/policy:1.628047:1622297294/.JPG?f=1x2&$p$f=f7fc437&w=360&$w=1071b2b
pragma
no-cache
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b; denakop_freq={}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
31409
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
30398
expires
Tue, 29 Jun 2021 14:06:19 GMT
.jpeg
www.correiodopovo.com.br/image/policy:1.628255:1622325277/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/image/policy:1.628255:1622325277/.jpeg?f=3x2&$p$f=c0bd4c2&w=360&$w=1071b2b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
9b6a26723013a685c4499ae4691675b2e4b2d8616e8497305902973b5722957b

Request headers

:path
/image/policy:1.628255:1622325277/.jpeg?f=3x2&$p$f=c0bd4c2&w=360&$w=1071b2b
pragma
no-cache
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b; denakop_freq={}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
29153
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
33604
expires
Tue, 29 Jun 2021 14:06:19 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5967
date
Sun, 30 May 2021 12:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sun, 30 May 2021 14:26:52 GMT
32.png
www.correiodopovo.com.br/imagens/icons/93x93/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.correiodopovo.com.br/imagens/icons/93x93/32.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS
194-126-175-195.static.hvvc.us
Software
Azion IMS /
Resource Hash
dc8d4219659e440c995fd466d5e09ff8b5ad53215a6d3fe1bae78b13cca8969b

Request headers

:path
/imagens/icons/93x93/32.png
pragma
no-cache
cookie
_fbp=fb.2.1622383579336.1893117386; _ga_B73LS4GNNN=GS1.1.1622383579.1.0.1622383579.0; _ga=GA1.1.1791129875.1622383579; __gads=ID=8efcae9b29c51ba2-221e38b858c800fb:T=1622383579:RT=1622383579:S=ALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A; __qca=P0-54038982-1622383579320; ___ws_ses=7BCDAC1F457D1512.1; ___ws-sr=; ___ws_vis=7BCDAC1F457D1512.1622383579317; ___ws_ses_sec=4863:1622383579317; ___ws_vis_sec=4863:1622383579317; trc_cookie_storage=|taboola global:user-id=5941e293-a18b-43cb-b37b-2b92b6c5e7a1-tuct7ad215b; denakop_freq={}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.correiodopovo.com.br
referer
https://www.correiodopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
server
Azion IMS
x-original-image-size
2163
vary
Accept
content-type
image/webp
v
5
cache-control
max-age=2592000
x-ims
Enabled
content-length
2626
expires
Tue, 29 Jun 2021 14:06:19 GMT
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=10937359571
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ac
www5.smartadserver.com/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=31546&async=1&visit=s&tmstp=4813918487&tag=sas_31546&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
4a41ff0abda9ec33155bf0ed4b89299f5f1d2c5900316ca1ac1bd4e01dbf7ae3

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b20%3b103
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
10142324
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=40829753649
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
ac
www5.smartadserver.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=55382&async=1&visit=s&tmstp=4813918487&tag=sas_55382&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
c647ccf80aaf1e7e79efb05944ba010eccdbdd6bb95f5e0c6101fad803fa8fe2

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b8%3b90
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
9041896
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=25089206698
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:20 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ac
www5.smartadserver.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=31547&async=1&visit=s&tmstp=4813918487&tag=sas_31547&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3cc5737fee1d0eb209474fc463a0b9c30a31442e49849a107cac9ec383200b4

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b8%3b78
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
10203339
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:20 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.29.0&cb=73922631522
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.correiodopovo.com.br
date
Sun, 30 May 2021 14:06:19 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
ac
www5.smartadserver.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=53988&async=1&visit=s&tmstp=4813918487&tag=sas_53988&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
fa704a28cf00f11bdf9ac25e9b7acb1b77aa22fa1616b9a85d2a5413f3e64f6e

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b13%3b59
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
9122889
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryRw1lqtYBrBDBq1HJ

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sun, 30 May 2021 14:06:19 GMT
content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
K5WccSrxzpQ
www.youtube.com/embed/ Frame 4CD1 		52 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fe944818c4cd78e2be08784d5c2b86e18ac1a037cb84b17587de9c21987bfef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=bSjXxTXIrFE; VISITOR_INFO1_LIVE=WFZ6ZSZPJks
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 30 May 2021 14:06:20 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+461; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: www5.smartadserver.com
URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=99869&async=1&visit=s&tmstp=4813918487&tag=sas_99869&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b5fae5af4f5970094cc33b7f9e835218efb988926e77acc342bf5fb6062f7251

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:06:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 10:50:13 GMT
Server
AkamaiNetStorage
ETag
"5b8169d94c5f1fd4282490a69ae925c6:1621507950.742921"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9969
sdk.js
connect.facebook.net/en_US/ 		218 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=6bf05a15e484bfa80c99daf25c97c045&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
25c03f21a884c7d46a0cc9f2c86844d2eaaa1fa8dac6c96806bbf7703437cd57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.correiodopovo.com.br
Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
udgxX9V3ZBZbaRWP6+MAoA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65698
x-fb-rlafr
0
x-fb-debug
V53P31Seo4iHQjJ4BptiX9EgcznXxkLuCYjnW0ooeRskAOZkFoMaQOR37DQyRBvRn7yIzecyG8bqjxgEDMUujQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d84b96db4836dca190061d7b2fbc3b02
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 30 May 2021 14:06:19 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"25f0cb71a7b2ff4c10476507b571cdcf"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 30 May 2022 12:33:56 GMT
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame C908 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.correiodopovo.com.br/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
315913
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 30 May 2021 14:06:20 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
cb=gapi.loaded_2
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=client/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=client/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_2
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c42320bb5d776dd387b759a6c35d206cb7ff46aad01a54f3e0aad7bfd857945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 22:03:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 15:07:34 GMT
server
sffe
age
230565
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23865
x-xss-protection
0
expires
Fri, 27 May 2022 22:03:35 GMT
pmk-202003261.4.js
widget.perfectmarket.com/correiodopovo/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/correiodopovo/pmk-202003261.4.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/correiodopovo/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a233fdc512c16069e544a929f5289021f796b2e9c439fd8fd867ab01c9ae6eb

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
kqTxPFH_D9zExzTB0PjSGPERIWhbAJJ0
content-encoding
gzip
etag
"722c612becdf55d8463d1c4ea96bd7ea"
age
3364110
x-cache
HIT, HIT
content-length
30933
x-amz-id-2
OzU4x+gQsj3aRNq7o3SccjN4Dj2rLLMvzJjWbqvTqpiL86VBh4HTPPD+tBIG2nXn6WvKP/lwrT0=
x-served-by
cache-lax10645-LGB, cache-bma1650-BMA
last-modified
Thu, 09 Apr 2020 05:41:41 GMT
server
AmazonS3
x-timer
S1622383580.064919,VS0,VE1
date
Sun, 30 May 2021 14:06:20 GMT
vary
Accept-Encoding,,
x-amz-request-id
JFRFR018GQ6120RK
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
8n0akrsyq_6uxg5pnqyh_file
img.r7.com/images/2017/08/08/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.r7.com/images/2017/08/08/8n0akrsyq_6uxg5pnqyh_file
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5b3373d26e094f2aa6c1c6093de6870d8df1c1412389eaee206bd38f3c5ff81d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-digest
28c1724991fa2ce3ead82a1bdae2fe8de11afbc6
x-original-content-length
2183
etag
W/"PSA-aj-a1LSeY01_9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
!no-store, must-revalidate, max-age=31536000
content-disposition
filename="8n0akrsyq_6uxg5pnqyh_file.png"
accept-ranges
bytes
content-length
1804
x-content-type-options
nosniff
expires
Fri, 20 Nov 2020 21:05:18 GMT
ortc-heartbeat1sec-min.js
wfpscripts.webspectator.com/ 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=7BCDAC1F457D1512&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1622383579596&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
last-modified
Wed, 30 Nov 2016 17:07:44 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"ae07ae40393a03d603b6341bf9f7f923"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=2592000
content-length
19153
x-amz-meta-s3b-last-modified
20161130T162538Z
swfobject.js
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=7BCDAC1F457D1512&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1622383579596&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 09:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363782
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3974
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 May 2022 09:03:18 GMT
blockadblock.js
wfpscripts.webspectator.com/adblocker/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=7BCDAC1F457D1512&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1622383579596&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2016 13:22:22 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"0dcdd7a190caf42e7d287645d9ba0303"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=2592000
content-length
2696
ws-4.4.62.js
wfpscripts.webspectator.com/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-4.4.62.js
Requested by
Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=7BCDAC1F457D1512&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1622383579596&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
last-modified
Wed, 06 Mar 2019 17:07:49 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"4e7c8880fbc1b585c27bd698eb84469f"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=2592000
content-length
23796
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210530-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
y2EUw.irPGYHWZQvvHFS16CCD7wJF5Fq
content-encoding
gzip
etag
"7f7f981d4ecb61feeff48e66441716da"
age
10394
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5628
x-amz-id-2
U1TbYOeMJdgziqZUZ5Pw84oNcXMDzoETnzr3O2tNyYtFI5qeISf28bNEhQhnuLD7gQtVvaHA7Do=
x-served-by
cache-hhn11578-HHN
last-modified
Sun, 30 May 2021 11:12:52 GMT
server
AmazonS3
x-timer
S1622383580.099610,VS0,VE0
date
Sun, 30 May 2021 14:06:20 GMT
vary
Accept-Encoding
x-amz-request-id
NWCPYBF1DRE03144
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
27
x-cache-hits
145620
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 		2 KB
1002 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210530-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
26232
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by
cache-hhn11578-HHN
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1622383580.099608,VS0,VE0
date
Sun, 30 May 2021 14:06:20 GMT
vary
Accept-Encoding
x-amz-request-id
CR4E2RJ6SANDVYVF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
27
x-cache-hits
578877
tfa-eid.20210530-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210530-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b9e250a908b25e99340a8adc9a4756ff2b894990e47b7cf6229b46ba88f1496

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8Yr3u1V0rOql_.8K62JpfSQIwXfo9boP
content-encoding
gzip
etag
"1b9c0551e0974734c1981a72a86e56ee"
age
8485
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4867
x-amz-id-2
Si2CzMjltEfCvftwBNi04+UvX1zUj4ws728SOb4QiHGC1eCFiWX6Xj1FSZzDibiRckru7QmWiy0=
x-served-by
cache-hhn11578-HHN
last-modified
Sun, 30 May 2021 11:44:53 GMT
server
AmazonS3
x-timer
S1622383580.101664,VS0,VE0
date
Sun, 30 May 2021 14:06:20 GMT
vary
Accept-Encoding
x-amz-request-id
2AC5MVVVJ2NZVMTP
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
27
x-cache-hits
92801
sha256.20210530-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210530-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69feeb133046fd550269bb9754aae68436ae429b6cb5e5ae7f5e11fa7d4ed7f4

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
dmet7prDOg8ZtGEEc97aOVqGikHGoks9
content-encoding
gzip
etag
"5525bf557fc6f8c97cdc7d4a6672ee6e"
age
8471
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2595
x-amz-id-2
K1KAmPeGtgAF019EScI0Dmy9YmFNsEfkZKnCOYSCb/E0Q6pvnj5xT6UVOFNUbfcs2xHLbjOwCwQ=
x-served-by
cache-hhn11578-HHN
last-modified
Sun, 30 May 2021 11:45:05 GMT
server
AmazonS3
x-timer
S1622383580.101732,VS0,VE0
date
Sun, 30 May 2021 14:06:20 GMT
vary
Accept-Encoding
x-amz-request-id
WQ0ZKYEYX2B2GXBZ
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
27
x-cache-hits
87070
userx.20210530-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210530-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02da92e0423eb89630188f863e4f3b43c519506bfe020ac4938c8183c43c48fc

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
IpOXL4pzsXk.Ri0VZtpA_1QyEBvYZcr5
content-encoding
gzip
etag
"ad18aa5430b1f1ddfcfa36fd516b33ba"
age
8490
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7953
x-amz-id-2
8Hs16S8nXB2tl4dxeEYxgSeIrMUv3xwgMyYUePRSYQbHXji3h6MfZVtRJ3crT3WBm7/fYzpteag=
x-served-by
cache-hhn11578-HHN
last-modified
Sun, 30 May 2021 11:44:48 GMT
server
AmazonS3
x-timer
S1622383580.131678,VS0,VE0
date
Sun, 30 May 2021 14:06:20 GMT
vary
Accept-Encoding
x-amz-request-id
V3VV86W6866VK6TG
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
27
x-cache-hits
15857
visit.jpg
tps.doubleverify.com/ 		305 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=3758893&cmp=25812006&sid=5791742&plc=302184196&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.23 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:19 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=0
Content-Length
142
Expires
5/29/2021 2:06:20 PM
ad_impression.gif
beacon.krxd.net/ 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=25812006&advertiserid=9706141&placementid=302184196&adid=494967631&creativeid=149984088&siteid=5791742
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.41.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1622383580
x-served-by
beacon-n002-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
B25812006.302184196;dc_pre=COn39ufJ8fACFcOkdwodpLkCkw;dc_trk_aid=494967631;dc_trk_cid=149984088;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25812006.302184196;dc_trk_aid=494967631;dc_trk_cid=149984088;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;...
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25812006.302184196;dc_pre=COn39ufJ8fACFcOkdwodpLkCkw;dc_trk_aid=494967631;dc_trk_cid=149984088;ord=[timestamp];dc_lat=;dc_rdid=;...
42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25812006.302184196;dc_pre=COn39ufJ8fACFcOkdwodpLkCkw;dc_trk_aid=494967631;dc_trk_cid=149984088;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=correiodopovo.com.br
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:20 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25812006.302184196;dc_pre=COn39ufJ8fACFcOkdwodpLkCkw;dc_trk_aid=494967631;dc_trk_cid=149984088;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=correiodopovo.com.br
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3680.js
go.trvdp.com/init/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/3680.js?pid=2617
Requested by
Host: stg.truvidplayer.com
URL: https://stg.truvidplayer.com/index.php?sub_user_id=870&widget_id=3680&playlist_id=2617&m=a&cb=2778661053255069.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:b600:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00fed2da5781a8401ff55ba3fd96b6f29e17c802c7636c1be141a7705cd7ee48

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 09:17:54 GMT
via
1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
last-modified
Tue, 27 Oct 2020 11:05:42 GMT
server
AmazonS3
age
9694107
etag
"270eed6f93a6caf3e2976ddfbf017ed6"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
23347
x-amz-cf-id
zjhz4X3a-qzi2BmEAwVY4kQdkBeTwMqHO8xXepSCFlNi7is1Lv0P1g==
ac
www5.smartadserver.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=43190&async=1&visit=s&tmstp=4813918487&tag=sas_43190&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
ebbeb494fed0fa1b7d0dde21fb7cdf6ee58cb6e27d71296ca50be940f3cc4b70

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b23%3b63
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
9122920
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
ac
www5.smartadserver.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=59524&async=1&visit=s&tmstp=4813918487&tag=sas_59524&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
d7db787732cb32ca342e858cf3036bf0bb0ae0f68fee5be8e2f19a7a3bfdecb0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b6%3b85
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
10188657
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
ac
www5.smartadserver.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=68987&async=1&visit=s&tmstp=4813918487&tag=sas_68987&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
cc63a7c25d2001fdcf43eaaf8ef8e5ad36849d00f286111f60b9b21b6f77ddd3

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b16%3b77
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
9122927
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
ac
www5.smartadserver.com/ 		22 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=75721&async=1&visit=s&tmstp=4813918487&tag=sas_75721&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
a3c33c7b5803c16252a349b24b1e736c922b0cbe23196c0016428847d7901b25

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b16%3b87
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
9315f8eb95197c9b89585d08dfe46263.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9315f8eb95197c9b89585d08dfe46263.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
26ca00b9a3c859f4afd47df6036e8fc4dc11ede3eabc53ac36d1539c1eb8b89a

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 30 May 2021 14:06:20 GMT
via
1.1 varnish, 1.1 varnish
age
3214838
edge-cache-tag
462043697798302422391367838517222036450,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9315f8eb95197c9b89585d08dfe46263.jpg
content-length
21746
x-request-id
58b508e51f8b417059ce17ba7223fa28
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 15 Apr 2021 14:04:59 GMT
server
nginx
x-timer
S1622383580.201778,VS0,VE1
etag
"4a88eb9370cbeb26b2c37f0b2e1a61da"
x-served-by
cache-wdc5540-WDC, cache-dca17725-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1
2b7c353649c28a48330aafda1489aa6a.jpg
images.taboola.com/taboola/image/fetch/h_284,w_340,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_284,w_340,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b7c353649c28a48330aafda1489aa6a.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
61baec055a03b6a73f810f541d1908f3e094a4867e0f4beb13a2ccf40fe25787

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 30 May 2021 14:06:20 GMT
via
1.1 varnish, 1.1 varnish
age
2353210
edge-cache-tag
335737194070273823721266358128749676036,559839914433406531786640694352621746145,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_284,w_340,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2b7c353649c28a48330aafda1489aa6a.jpg
content-length
4518
x-request-id
4f5c6d3e6a0104c6aa3e4b683a3758d5
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 30 Apr 2021 17:38:31 GMT
server
nginx
x-timer
S1622383580.201762,VS0,VE1
etag
"ac467597c7f5895e1aa4148337f2a196"
x-served-by
cache-wdc5552-WDC, cache-dca17730-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
8e4dd95879be16c55f50e29c8b7071db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ea7a5cf34e2d3962b8bed59055411f4fe67aa93f24317f31620d48898145dd8

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 30 May 2021 14:06:20 GMT
via
1.1 varnish, 1.1 varnish
age
887617
edge-cache-tag
322089413535885002890087190934422546620,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
38
expiration
expiry-date="Tue, 15 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
content-length
15616
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Sat, 15 May 2021 02:38:11 GMT
server
nginx
x-timer
S1622383580.254096,VS0,VE1
etag
"c2d50a453d4853c520519686934829ab"
x-served-by
cache-wdc5576-WDC, cache-dca17756-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
qnap-ts-x73_nasservers.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.pricerunner.se/images/assets/content/bit/board/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.pricerunner.se/images/assets/content/bit/board/qnap-ts-x73_nasservers.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b34ca567f7a2c8fec55ea128d4ad8d19b834390053555cfe5d41945204c2cb77

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
161
date
Sun, 30 May 2021 14:06:20 GMT
via
1.1 varnish, 1.1 varnish
age
1905637
edge-cache-tag
616870347681502967980382651819639783097,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
50
expiration
expiry-date="Sat, 05 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.pricerunner.se/images/assets/content/bit/board/qnap-ts-x73_nasservers.jpg
content-length
12260
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Wed, 05 May 2021 15:02:04 GMT
server
nginx
x-timer
S1622383580.255355,VS0,VE161
etag
"e9556bb15b15afa746bd9429a04ed2a9"
x-served-by
cache-wdc5579-WDC, cache-dca17723-DCA, cache-hhn11578-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0
www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 532A 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 23:32:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 18 Nov 2020 18:15:00 GMT
server
sffe
age
52442
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6066
x-xss-protection
0
expires
Sun, 29 May 2022 23:32:18 GMT
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 532A 		252 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 22:23:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
age
402200
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73785
x-xss-protection
0
expires
Wed, 25 May 2022 22:23:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1420106494&t=pageview&_s=1&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ul=en-us&de=UTF-8&dt=Correio%20do%20Povo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=570871225&gjid=1957377281&cid=1791129875.1622383579&tid=UA-4083550-1&_gid=1489116224.1622383580&_r=1&gtm=2wg5q1MFKL3B&did=i5iSjo&z=780826742
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
16222515589411_normal.jpg
digital2.correiodopovo.com.br/files/flip/CPOVO/15332/up/ Frame 26AD 		269 KB
269 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digital2.correiodopovo.com.br/files/flip/CPOVO/15332/up/16222515589411_normal.jpg
Requested by
Host: portal.correiodopovo.com.br
URL: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.160.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
bb09854c2602eeb51cf87dd84b2dd665647fd37fcfe271cad34c8bb1b3b035a3

Request headers

Referer
https://portal.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 30 May 2021 14:06:20 GMT
Last-Modified
Sat, 29 May 2021 01:54:52 GMT
Server
Apache-Coyote/1.1
ETag
16222515589411_normal.jpg_274951_1622253292000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public; max-age=31536000
Content-Disposition
inline; filename=16222515589411_normal.jpg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
274951
Expires
Wed, 16 Jun 2021 14:46:49 GMT
api.gif
v3.denakop.com/ 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=qkJMM%2BkOT2Gt%2BkIrxrQyZQ%2F0&v=5.0.0&sw=1600&sh=1200&ac=a&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1622383580203&cb=0.8605753764366844
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a5f31ec2f00002c4a712a0000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
657885c04f352c4a-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
integrator.js
adservice.google.se/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 532A 		156 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 04:57:47 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Sep 2020 20:15:00 GMT
server
sffe
age
32913
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Mon, 30 May 2022 04:57:47 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		227 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=488355705424272&correlator=1313189168632567&output=ldjh&impl=fifs&eid=31060783%2C31061311%2C21068030%2C21068864%2C22316438%2C31060976%2C31061003%2C31061149&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210530&iu_parts=21715141650%2Cdesktop_scroll%2Cdesktop_under&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90&pfxs=1&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%7Cdk_refresh%3Dtrue%26index%3D2%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%7Cdk_refresh%3Dtrue%26index%3D3%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&bc=31&abxe=1&lmt=1622383580&dt=1622383580265&dlt=1622383578350&idt=751&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C315%2C315%2C315&adys=2010%2C4032%2C6542%2C0&adks=275933635%2C3604996771%2C2304380594%2C3738811365&ucis=1%7C2%7C3%7C4&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C1600x-1%7C1600x-1%7C970x-1&msz=1600x-1%7C1600x-1%7C1600x-1%7C970x-1&ga_vid=1791129875.1622383579&ga_sid=1622383579&ga_hid=1420106494&ga_fc=false&fws=4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600&btvi=1%7C2%7C3%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
bfdab520d03250a1006897b2d2d8c479761d70a2e1201395820850db1b4ffdf9
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIms_OfJ8fACFaaTdwodPtoMlA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6703470307412726278/970x250/index_970x250.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIms_OfJ8fACFaaTdwodPtoMlA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6703470307412726278/970x250/index_970x250.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1,-1,-1,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45138
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1
pragma
no-cache
server
cafe
date
Sun, 30 May 2021 14:06:22 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
api.gif
v3.denakop.com/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=qkJMM%2BkOT2Gt%2BkIrxrQyZQ%2F0&v=5.0.0&sw=1600&sh=1200&ac=a2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1622383580276&cb=0.33572772756325664
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a5f31ec7300002c4a159c9000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
657885c0b8242c4a-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=qkJMM%2BkOT2Gt%2BkIrxrQyZQ%2F0&v=5.0.0&sw=1600&sh=1200&ac=a2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1622383580276&cb=0.37195650027260485
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a5f31ec7400002c4a75115000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
657885c0b8272c4a-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/ 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=qkJMM%2BkOT2Gt%2BkIrxrQyZQ%2F0&v=5.0.0&sw=1600&sh=1200&ac=a&aa=under&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1622383580277&cb=0.9095843890978204
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a5f31ec7800002c4a2720e000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
657885c0b82a2c4a-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
0001_Desktop_f3e6784c-eb64-42c5-af93-57818538b06c.jpg
creatives.sascdn.com/diff/1320/10108470/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10108470/0001_Desktop_f3e6784c-eb64-42c5-af93-57818538b06c.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1522e3c015d201d5754016ab5fe55a980dec1b7c2f0e631cd08fcca92f4ad771

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:06:20 GMT
Last-Modified
Tue, 06 Apr 2021 15:25:33 GMT
Server
AkamaiNetStorage
ETag
"bf57624907354fbc39809ee1a74865da:1617722733.822942"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21417
Expires
Mon, 30 May 2022 14:06:20 GMT
CO-0016-21_-_CDC_Sustentabilidade_300x250_51a7a606-6017-47a8-860c-4729f666a8a6.jpg
creatives.sascdn.com/diff/1320/10142324/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10142324/CO-0016-21_-_CDC_Sustentabilidade_300x250_51a7a606-6017-47a8-860c-4729f666a8a6.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9324517cb9a358ecd244cc867152c2d14dc4b71bf0d4c84234532b87dc8234a2

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:06:20 GMT
Last-Modified
Fri, 21 May 2021 21:01:08 GMT
Server
AkamaiNetStorage
ETag
"307e745200f580e6a13acacc99a9bccc:1621630868.643437"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65281
Expires
Mon, 30 May 2022 14:06:20 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 18AF 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb731be92c4bfe2360141c42a987ee49e2191ed75e2efff0dcc42e1882d6da7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32965
x-xss-protection
0
server
cafe
etag
1977833837501118871
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:20 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-4083550-1&cid=1791129875.1622383579&jid=570871225&gjid=1957377281&_gid=1489116224.1622383580&_u=YADAAEAAAAAAAC~&z=737573370
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 30 May 2021 14:06:20 GMT
content-type
text/plain
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame 532A 		120 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdbb929d9ca1e2ce7b2b4227a6e752b820a215a1e4a7e6bc56f943887210e2d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 03:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 15:07:34 GMT
server
sffe
age
297306
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41440
x-xss-protection
0
expires
Fri, 27 May 2022 03:31:14 GMT
www-player-webp.css
www.youtube.com/s/player/0b643cd1/ Frame 4CD1 		356 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b643cd1/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b5fab3b788b3161871e2509cbaaa55f9b73fae0aae0459211269320f11ab5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 14:45:56 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
256824
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46118
x-xss-protection
0
expires
Fri, 27 May 2022 14:45:56 GMT
www-embed-player.js
www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/ Frame 4CD1 		193 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8883a14e28c43192e52a115f6abc8f72909088d49d13752a913816614c984a31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 14:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
256839
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65035
x-xss-protection
0
expires
Fri, 27 May 2022 14:45:41 GMT
base.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 4CD1 		2 MB
466 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5cd7b3a4c5496d4c699526a6882f4a609682c49ffe34462ac9be3304b97bb62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 14:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
256850
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
477374
x-xss-protection
0
expires
Fri, 27 May 2022 14:45:30 GMT
fetch-polyfill.js
www.youtube.com/s/player/0b643cd1/fetch-polyfill.vflset/ Frame 4CD1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b643cd1/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 14:45:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
256839
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Fri, 27 May 2022 14:45:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4CD1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 06:54:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
112336
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Sun, 29 May 2022 06:54:04 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=898700906848364&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.correiodopovo.com.br%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6bf05a15e484bfa80c99daf25c97c045&ua=modern_es6
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
sVN4tnQfDxw37GbgWQG51elNZe9G2RVmTNtOMBN8Gc4hRS3DInId9coI9Cp4ho7CH/1/bXX7l5G6LWPhrAGxDQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 30 May 2021 14:06:20 GMT
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
social
trc-events.taboola.com/correiodopovo/log/3/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/correiodopovo/log/3/social?route=AM:IL:V&lti=deflated&ri=442545b70663900874adb9c844d459c7&sd=v2_f3be51644ee9e764072df797135aba3b_7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b_1622383579_1622383579_CIi3jgYQzeNHGPyj4-ybLyABKAEwvwE4krUNQLydEEiFldsDUP_0LVgAYABosa_ptcr9986tAQ&ui=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&pi=/&wi=-5703500169402860967&pt=home&vi=1622383579644&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22Correio%20do%20Povo%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=16%3A06%3A20.390&id=9285&llvl=1&cv=20210530-6-RELEASE&
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:20 GMT
server
nginx
x-fastly-to-nlb-rtt
22266
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.14.95:10213
usync.html
eus.rubiconproject.com/ Frame 6485
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Requested by
Host: www5.smartadserver.com
URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=31547&async=1&visit=s&tmstp=4813918487&tag=sas_31547&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.correiodopovo.com.br/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 May 2021 14:06:20 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Date
Sun, 30 May 2021 14:06:20 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
RM-UNIVERSAL--white_aa837212-2ab3-4a34-b427-08b254ab5fa1.gif
creatives.sascdn.com/diff/1320/10203339/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10203339/RM-UNIVERSAL--white_aa837212-2ab3-4a34-b427-08b254ab5fa1.gif
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d2c0261cc4b11c2425f732c951d1ebf03322879eb365718e6157e042370e45d6

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:06:20 GMT
Last-Modified
Tue, 25 May 2021 19:22:43 GMT
Server
AkamaiNetStorage
ETag
"bd023cb6c87680b3c6322a4e63cab618:1621970563.900723"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43806
Expires
Mon, 30 May 2022 14:06:20 GMT
ga-audiences
www.google.com/ads/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-4083550-1&cid=1791129875.1622383579&jid=570871225&_u=YADAAEAAAAAAAC~&z=2075357513
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-4083550-1&cid=1791129875.1622383579&jid=570871225&_u=YADAAEAAAAAAAC~&z=2075357513
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
msgws.webspectator.com/server/ssl/2.1/ 		67 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://msgws.webspectator.com/server/ssl/2.1/?guid=c4eda4b1-07b0-4f3a-3a7d-472fd97e7247&appkey=w5tlOg
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.139.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
b12249dec66346ab54bdf84a52f319b4232f4bec860f2af1f4cbec627b55424d

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 May 2021 14:06:20 GMT
X-Powered-By
Express
Transfer-Encoding
chunked
Content-Type
text/javascript
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 90E9 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb731be92c4bfe2360141c42a987ee49e2191ed75e2efff0dcc42e1882d6da7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32965
x-xss-protection
0
server
cafe
etag
1977833837501118871
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:20 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ Frame 18AF 		232 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87658
x-xss-protection
0
server
cafe
etag
5316214545020586774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:20 GMT
settings
syndication.twitter.com/ Frame C908 		256 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=0d3e3b88671802fe988f2e77c449c352a5c1107a
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:19 GMT
content-encoding
gzip
last-modified
Sun, 30 May 2021 14:06:20 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
7b3282c8338efcc7b21373e336b7fa5f922e417f7a5be0cb165ceb67306d9747
content-length
176
p.php
stg.truvidplayer.com/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=870&wid=3680&cb=8739.593311180291&pid=2617&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&isab=0
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/3680.js?pid=2617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-31.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
8d92a7e1b29f408f7bcb0d2c0a1b1006a9124b7cc185840f13fe5a87459f8ab3

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.correiodopovo.com.br
access-control-allow-credentials
true
x-amz-cf-id
g9vrB8HgKCD1hKBKji7oPL1wmZPe6uPYPQw5nvLCytJ-uzm_CqcPDA==
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ Frame 90E9 		232 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87658
x-xss-protection
0
server
cafe
etag
5316214545020586774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:20 GMT
all.min.css
vacina.saude.rs.gov.br/vendor/fontawesome-free/css/ Frame BAEF 		55 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/fontawesome-free/css/all.min.css
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"dcc5-592af5a54eb00"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
14961
css
fonts.googleapis.com/ Frame BAEF 		21 KB
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0a5cfbf045af61b12e14293d0f7bec876e592d4d6ada400c3701d2c42fbe498e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 12:12:08 GMT
server
ESF
date
Sun, 30 May 2021 14:06:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 14:06:20 GMT
sb-admin-2.css
vacina.saude.rs.gov.br/css/ Frame BAEF 		200 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/css/sb-admin-2.css
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
595b403da260ce0bca3c5c65929755b33f32e3cfc402863713273dbf4782b9a1

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 13:28:27 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"31f5d-5c0a3c55e5818"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
42872
dataTables.bootstrap4.min.css
vacina.saude.rs.gov.br/vendor/datatables/ Frame BAEF 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/datatables/dataTables.bootstrap4.min.css
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
17e0da2800a542eb7cee178c202ea84e101132e5a77bcf96cf12034fb8d7b8f0

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"1466-592af5a54eb00"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1284
style2.css
vacina.saude.rs.gov.br/css/ Frame BAEF 		1 KB
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/css/style2.css
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
eed7ceea33ee3b5f6159f6513e4ffd02bf00ab1acfa88ed898195249cb61bf76

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 12:02:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"549-5c001a181d90e"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
726
js
www.googletagmanager.com/gtag/ Frame BAEF 		119 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-61N8QP7DNJ
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
09af7955961150723ea0355355a643022c613bb71c8e1da8fd6c28703c6da88c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46673
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:21 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 4CD1 		113 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53cc33c85119a8602d91e4e4d01ccb630d85ac42c1c0ea156744d3f75aba1358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 4CD1 		29 B
91 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:56:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
616
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Sun, 30 May 2021 14:11:04 GMT
Anuncio_-Mundo-em-Caos_(300x250)_d1203665-6307-4b94-808b-f59e200ed851.jpg
creatives.sascdn.com/diff/1320/10188657/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10188657/Anuncio_-Mundo-em-Caos_(300x250)_d1203665-6307-4b94-808b-f59e200ed851.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d797459929dca4c879a9061464a074266cd7a9f343612b318d4754596932b5e1

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:06:20 GMT
Last-Modified
Tue, 18 May 2021 15:01:59 GMT
Server
AkamaiNetStorage
ETag
"48394efbdcfa94e2d001ea6ee2076ebc:1621350119.828468"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90244
Expires
Mon, 30 May 2022 14:06:20 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2E86 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb731be92c4bfe2360141c42a987ee49e2191ed75e2efff0dcc42e1882d6da7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32965
x-xss-protection
0
server
cafe
etag
1977833837501118871
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:20 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 18AF 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 18AF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 18AF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 56FD 		15 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efb04487a11f842cf3a348da95a4d026c1a02eae90b6b66b365545c35e8376ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmbJ3xf0OqG3CXIjcAy9tIz22BRm5P8JU6rmNuhDoUQOQFIJUMwOqK4F2o3u7U
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 30 May 2021 14:06:20 GMT
server
cafe
content-length
6931
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 18AF 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:20 GMT
remote.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 4CD1 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
168850c920ff331bd5d294b1a84972f74fa847bc89fd7a2d70b5e1480d2728c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 14:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
256850
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30984
x-xss-protection
0
expires
Fri, 27 May 2022 14:45:30 GMT
16PS2k-zDPNaWiGIW7-haNFTCC0mszU6UH75ouFdwXM.js
www.google.com/js/th/ Frame 4CD1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/16PS2k-zDPNaWiGIW7-haNFTCC0mszU6UH75ouFdwXM.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7a3d2da4fb30cf35a5a21885bbfa168d153082d26b3353a507ef9a2e15dc173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:26:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
2371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13486
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:30:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 30 May 2022 13:26:49 GMT
embed.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 4CD1 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc8995800462e967657ce7a6d242f5226c5e0bdb2ca9e9947f238078b7566bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 14:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
256633
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7471
x-xss-protection
0
expires
Fri, 27 May 2022 14:49:07 GMT
truncated
/ Frame 4CD1 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnhPjf2CY-hOrlkq3KThxuXfnmURz9WT9cYC9Vc8iQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4CD1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnhPjf2CY-hOrlkq3KThxuXfnmURz9WT9cYC9Vc8iQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b5b1f8c0ce1ab29cca4050e19cdb04030d00671931d88126bc8f9c4ebb492aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:41:49 GMT
x-content-type-options
nosniff
age
1471
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2270
x-xss-protection
0
server
fife
etag
"v9f7"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 14 May 2021 10:18:32 GMT
sddefault.webp
i.ytimg.com/vi_webp/K5WccSrxzpQ/ Frame 4CD1 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/K5WccSrxzpQ/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c74fb119355006d8dc9fb11a66fb12167d25743f29ed19697bfb4703f6e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"1622225491"
vary
Origin
content-type
image/webp
cache-control
public, max-age=300
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22806
x-xss-protection
0
expires
Sun, 30 May 2021 14:11:20 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 754C 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1267dcc220bd472ae19df58959d2c036e2dec2bce1263e1b6ba201034b9e331
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33011
x-xss-protection
0
server
cafe
etag
13425946567609087636
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:20 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 90E9 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 90E9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 90E9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 73F4 		15 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06c06ca6fd1c64b54fe0e5d08246bab6376fa4888d7e70086c54e2107c72483c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmbJ3xf0OqG3CXIjcAy9tIz22BRm5P8JU6rmNuhDoUQOQFIJUMwOqK4F2o3u7U
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 30 May 2021 14:06:20 GMT
server
cafe
content-length
6696
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 90E9 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:20 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ Frame 2E86 		232 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87658
x-xss-protection
0
server
cafe
etag
5316214545020586774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:20 GMT
cb=gapi.loaded_3
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes_style_bubble/exm=auth,client,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes_style_bubble/exm=auth,client,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_3
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5fa96c29827a86b627551aaf210608e27a313458a76333b51b38db32b4ae648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 19:26:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 15:07:34 GMT
server
sffe
age
239969
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9510
x-xss-protection
0
expires
Fri, 27 May 2022 19:26:51 GMT
ins.js
s.trvdp.com/scripts/v5.647/ 		432 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.647/ins.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/3680.js?pid=2617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f800:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf487f0a51b3f46d2b7dc753ce7141f2cecf3e50e0df3bdf0b23fc24e7e8e17e

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 09:32:36 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 08:38:42 GMT
server
AmazonS3
age
1485224
etag
W/"058a5846135b56cbf0b381935acdfe32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Qo1c2cX0N1PwTkBXFmXnasuR8P50A3HN6VsLJaaPmf-icX7VQmZouw==
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/ Frame 754C 		232 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1&bust=exp%3D31060975
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eabbf8979725c08a7ea1fa4e9593c90f2262bc7abff885a43c2fc3b7f9fbf9a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87678
x-xss-protection
0
server
cafe
etag
1860133438801872969
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:20 GMT
usync.js
eus.rubiconproject.com/ Frame 6485 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
60b100d1ecb1610c2e3e15e322549a5b0902d5b611bea2dd2369159566efe5d5

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:06:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 19:07:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9562
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9267
Expires
Sun, 30 May 2021 16:45:42 GMT
generate_204
www.youtube.com/ Frame 4CD1 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?THXA3Q
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4CD1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:21 GMT
subscribe_embed
www.youtube.com/ Frame A50A 		601 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd29c36a724eb1f14fc760ca939c4c70df6b3923e620a3e6c57125b964bf7880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=bSjXxTXIrFE; VISITOR_INFO1_LIVE=WFZ6ZSZPJks
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 30 May 2021 14:06:21 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+623; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
14563
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Mon, 30 May 2022 10:03:38 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 04:14:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
553882
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 24 May 2022 04:14:59 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		318 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 09:00:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
18326
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Mon, 30 May 2022 09:00:55 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		116 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 02:03:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
302594
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
expires
Fri, 27 May 2022 02:03:07 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		117 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 25 May 2021 09:19:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
449197
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
expires
Wed, 25 May 2022 09:19:44 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 2E86 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 2E86 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2E86 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
rbanner.html
portal.correiodopovo.com.br/passback/ Frame CE35
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382137&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.c...
  • https://portal.correiodopovo.com.br/passback/rbanner.html
653 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.correiodopovo.com.br/passback/rbanner.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
189.16.116.12 , Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
94adaa642ceca22b6b18bf5ee73a15b65057040a140f892f9034012cffad5048

Request headers

:method
GET
:authority
portal.correiodopovo.com.br
:scheme
https
:path
/passback/rbanner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

cache-control
max-age=604800
content-type
text/html
last-modified
Wed, 25 Apr 2018 12:06:59 GMT
accept-ranges
bytes
etag
"4d9f1e98ddcd31:0"
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
access-control-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
content-length
653

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://portal.correiodopovo.com.br/passback/rbanner.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 30 May 2021 14:06:21 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 2E86 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:21 GMT
khaos.jpg
token.rubiconproject.com/ Frame 6485 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
cors
data.ad-score.com/score/ 		48 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.correiodopovo.com.br&l1=3680&l2=correiodopovo.com.br&l3=SE&l4=desktop&cb=0.05713433866171225
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.647/ins.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:21 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://www.correiodopovo.com.br
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
48
cookie.js
partner.googleadservices.com/gampad/ Frame 754C 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1&bust=exp%3D31060975
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 754C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1&bust=exp%3D31060975
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 754C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1&bust=exp%3D31060975
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E952 		18 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1&bust=exp%3D31060975
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
292dcebbeba9c882fde44e8421d8ccb3eb1d69a74291d0e2aa5a02407a79a1d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmbJ3xf0OqG3CXIjcAy9tIz22BRm5P8JU6rmNuhDoUQOQFIJUMwOqK4F2o3u7U
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 30 May 2021 14:06:21 GMT
server
cafe
content-length
7835
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 754C 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1&bust=exp%3D31060975
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:21 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9712 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CuC5m3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS8AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgMovvGL9oaooN9INnjVHYj2ERgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNjM3OTg1NDQyMDg1MTQ3Ng&sigh=QhKp6MsDvTk
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 30 May 2021 14:06:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 9712 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1k9s9hxzdjpptjd65aj9yjrz31kmsdtggf0rkz27p4633c1srfz0wcxq4vw98z1gssn3r2x5ewkh98fn5ayfvbj725fsw1j051da24md9mdm7pfcam3hgz8mrthgg41yakstzakhntrdyk8gfachbk7r764s7aq1trjh109xpke2ms07389eajjmfq25q3cs69vbmtfr8ed6cssvptbkxh2akngz8jsx0tandgq14dw2bmx7zaxgffjej0fzaevtfsa065jkf65sq1mjrw404j4y8g3hh604de5dqvheqsqmmvg3ba1jjjamyvc5c3492wegp3ny797d3bepawj77pxyxr2t9evsydedsyczcegra110nycc1r3rsbybbf2gkqgwx0tw&b=YLOb3AAKyvoK7fAKAAy8KZ9bERf0lBL6F2waig
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame D4FE 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1h2srbbg19g2hdqa8zer6wdrn08s20hxt1edw6k1j80e1ddcrspt3051t0jsg7224yrsmwc30wt18n5xjd3w2fp7qcj1hwfbaprrtsx0kc4p8rdkck7x3a2n6aw5ssq1g7age7329f71qc22e018s48ndhjnrhg5sjxxzhc3gjysn6zhn9rcydfxgrk61swvek10n4zcvwmh3dqd4h8yc1ffy6xwvj4dtrb0x5xexechqymzw990karfg2dw1fwq4tvy5dz9f4zns991kjhh54nxx1rr2rvqzzathzafxw40556sk1znxy080zv2gbpq1vmt2xfkvm12v37qa4t3t4ywyf522pfmwj44w488shf77e9stqxrzw9sbtk42&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%26client%3Dca-pub-6379854420851476%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ad00399ba4311dea26db7017ae94931d5243a4d35df09aaf59c2d40c73a874
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1h2srbbg19g2hdqa8zer6wdrn08s20hxt1edw6k1j80e1ddcrspt3051t0jsg7224yrsmwc30wt18n5xjd3w2fp7qcj1hwfbaprrtsx0kc4p8rdkck7x3a2n6aw5ssq1g7age7329f71qc22e018s48ndhjnrhg5sjxxzhc3gjysn6zhn9rcydfxgrk61swvek10n4zcvwmh3dqd4h8yc1ffy6xwvj4dtrb0x5xexechqymzw990karfg2dw1fwq4tvy5dz9f4zns991kjhh54nxx1rr2rvqzzathzafxw40556sk1znxy080zv2gbpq1vmt2xfkvm12v37qa4t3t4ywyf522pfmwj44w488shf77e9stqxrzw9sbtk42&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%26client%3Dca-pub-6379854420851476%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a5f31f00b0000640d7024f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657885c67984640d-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 9712 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:02:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A8F1 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 30 May 2021 03:14:09 GMT
expires
Mon, 31 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
39132
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9712 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 9712 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:03:51 GMT
l
www.google.com/ads/measurement/ Frame 9712 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHypyyHw6mFDP7HvpG47MIIxF7ekA8NTpLIl8gZq2zsW4Lo8yz8BGml-c4wyfnXaVGI8L5uETWfc4aqW5nnCXRAnsyvA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 11BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6eT13JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS7AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4N48ikn6uRO8HKi6hdyaVPIlmKABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwB0BUBgBcBshcYChYSFHB1Yi02Mzc5ODU0NDIwODUxNDc2&sigh=Uh5-fNdYNk0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 30 May 2021 14:06:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 11BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g2re08n7z1a4wf0vqnshrtqmtjbehkcr6b5xsyeaqvzjseq3wmc7c9c85ejq7ytrbb7hsr31kn7thamn7w8sd3ssjpn8kc0jxzbsjnrfbqbjtmg241ae4h168r8p7npm0w8dvt13bw33ep7qmykb999xr8shpvt5h0hbtz91x3cgj6g9cb71bd1s7f5knscr4pcmggyx2pkhem34pj7bgr9e7gkjv61ty8qx8wdzvgfy40n2e8158qc4wmpr07s82kvzymcg24qs9s7qbc9gg2se7232b1z9kwdf4s0m96a76gwds0d99zhggr8w7kwx6bvghce92xk03nfrx4qh7zdy5hc6dh9chx6w6q6tkdh59adcrwe6vweqtw6v5njnbvfef7h&b=YLOb3AAM7wAK7ddMAA8n4_3hr2-tzKkYs9YQaw
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame ECCF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1gd1ctt1x6gsc1b24xgdbynt5n39qvyhjfjhfd0bse58g2gftgmdx496pwqmpd07z9eskzhrdh6xpekyz78b8j5xccjjpadrb13sha8vnh6643dsc50q674s9ej23x7nskkk97sfj45dm8c9e5t2f0vdhsfgc88r5csgf6b21ygnbpdna18dvhhsywpz94jgctvpdn0ywsyyng7xhbnk1z8ph3gwvzkjrr0cff1ejjqvqnk0kmwkfqagvb928vpf38jtyf3fjaqy3rc8se2mbkvjgn4maspqrtry2g8x2qsfj1m5y10n8wrfk2mvv9qn46jj7dwm7a1pjbta2jgd0bxzcs2f2xv88v444kkj7z9tmn6f8rhsv4bnmkx0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%26client%3Dca-pub-6379854420851476%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
542771a9d4f62d0eece099fb46cb340d97c637ccb1c3af7c202d6a5bb0e48ca9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1gd1ctt1x6gsc1b24xgdbynt5n39qvyhjfjhfd0bse58g2gftgmdx496pwqmpd07z9eskzhrdh6xpekyz78b8j5xccjjpadrb13sha8vnh6643dsc50q674s9ej23x7nskkk97sfj45dm8c9e5t2f0vdhsfgc88r5csgf6b21ygnbpdna18dvhhsywpz94jgctvpdn0ywsyyng7xhbnk1z8ph3gwvzkjrr0cff1ejjqvqnk0kmwkfqagvb928vpf38jtyf3fjaqy3rc8se2mbkvjgn4maspqrtry2g8x2qsfj1m5y10n8wrfk2mvv9qn46jj7dwm7a1pjbta2jgd0bxzcs2f2xv88v444kkj7z9tmn6f8rhsv4bnmkx0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%26client%3Dca-pub-6379854420851476%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a5f31f0160000640d75ade000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657885c6898d640d-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 11BD 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:02:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 06E1 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 30 May 2021 03:14:09 GMT
expires
Mon, 31 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
39132
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 11BD 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 11BD 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:03:51 GMT
l
www.google.com/ads/measurement/ Frame 11BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0JquPs-86DhfPq5bytV9lOcSzKYkKPExWUBLfvJSM9c2j_3l25vx2bbz-ilHRtGpZ9Q627jZonAuvleuu50iVZ0QCPg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
bulk
trc.taboola.com/correiodopovo/log/3/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/correiodopovo/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210530-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
60
pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
via
1.1 varnish
server
nginx
x-timer
S1622383581.252174,VS0,VE60
x-served-by
cache-hhn11578-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame A50A 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 01:06:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 01:15:00 GMT
server
sffe
age
306016
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2447
x-xss-protection
0
expires
Fri, 27 May 2022 01:06:05 GMT
www-subscribe-embed-card_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame A50A 		149 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 06:47:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
age
199140
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44975
x-xss-protection
0
expires
Sat, 28 May 2022 06:47:21 GMT
truncated
/ Frame 9712 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71830960105bee09642f0419c8a01df0510b405f40691d76a58e9854f5d8ea50

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 11BD 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac000442cc6bd9e354598b83b56015c4162a8f3ad5450278b0abf77d85904958

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame A50A 		120 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdbb929d9ca1e2ce7b2b4227a6e752b820a215a1e4a7e6bc56f943887210e2d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 03:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 15:07:34 GMT
server
sffe
age
297307
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41440
x-xss-protection
0
expires
Fri, 27 May 2022 03:31:14 GMT
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame D4FE 		58 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1h2srbbg19g2hdqa8zer6wdrn08s20hxt1edw6k1j80e1ddcrspt3051t0jsg7224yrsmwc30wt18n5xjd3w2fp7qcj1hwfbaprrtsx0kc4p8rdkck7x3a2n6aw5ssq1g7age7329f71qc22e018s48ndhjnrhg5sjxxzhc3gjysn6zhn9rcydfxgrk61swvek10n4zcvwmh3dqd4h8yc1ffy6xwvj4dtrb0x5xexechqymzw990karfg2dw1fwq4tvy5dz9f4zns991kjhh54nxx1rr2rvqzzathzafxw40556sk1znxy080zv2gbpq1vmt2xfkvm12v37qa4t3t4ywyf522pfmwj44w488shf77e9stqxrzw9sbtk42&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1h2srbbg19g2hdqa8zer6wdrn08s20hxt1edw6k1j80e1ddcrspt3051t0jsg7224yrsmwc30wt18n5xjd3w2fp7qcj1hwfbaprrtsx0kc4p8rdkck7x3a2n6aw5ssq1g7age7329f71qc22e018s48ndhjnrhg5sjxxzhc3gjysn6zhn9rcydfxgrk61swvek10n4zcvwmh3dqd4h8yc1ffy6xwvj4dtrb0x5xexechqymzw990karfg2dw1fwq4tvy5dz9f4zns991kjhh54nxx1rr2rvqzzathzafxw40556sk1znxy080zv2gbpq1vmt2xfkvm12v37qa4t3t4ywyf522pfmwj44w488shf77e9stqxrzw9sbtk42&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date
Sun, 30 May 2021 14:06:21 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5936834
cf-polished
origSize=59196
x-guploader-uploadid
ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58969
cf-request-id
0a5f31f0c300002b71f9055000000001
last-modified
Tue, 16 Mar 2021 10:53:32 GMT
server
cloudflare
etag
"44274c587ed8382583221bb023d51c5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TIOG1XQQGmOWvYSCsAK8yyl1%2Bz8xus0T%2F12644ZMQKbjPi4QddKa%2FSXQiEmH1vKsdg5lVxU%2FYkfvJHJMLZaJFVJLBVjDskwnhaezwZDR1%2FfrAJXbcDKSnf2V2wUYBROu"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615892011975494
content-type
text/css
expires
Tue, 22 Mar 2022 20:59:07 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
657885c79e4c2b71-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame D4FE 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1h2srbbg19g2hdqa8zer6wdrn08s20hxt1edw6k1j80e1ddcrspt3051t0jsg7224yrsmwc30wt18n5xjd3w2fp7qcj1hwfbaprrtsx0kc4p8rdkck7x3a2n6aw5ssq1g7age7329f71qc22e018s48ndhjnrhg5sjxxzhc3gjysn6zhn9rcydfxgrk61swvek10n4zcvwmh3dqd4h8yc1ffy6xwvj4dtrb0x5xexechqymzw990karfg2dw1fwq4tvy5dz9f4zns991kjhh54nxx1rr2rvqzzathzafxw40556sk1znxy080zv2gbpq1vmt2xfkvm12v37qa4t3t4ywyf522pfmwj44w488shf77e9stqxrzw9sbtk42&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer
https://ad4m.at/ad/dr?ed=1h2srbbg19g2hdqa8zer6wdrn08s20hxt1edw6k1j80e1ddcrspt3051t0jsg7224yrsmwc30wt18n5xjd3w2fp7qcj1hwfbaprrtsx0kc4p8rdkck7x3a2n6aw5ssq1g7age7329f71qc22e018s48ndhjnrhg5sjxxzhc3gjysn6zhn9rcydfxgrk61swvek10n4zcvwmh3dqd4h8yc1ffy6xwvj4dtrb0x5xexechqymzw990karfg2dw1fwq4tvy5dz9f4zns991kjhh54nxx1rr2rvqzzathzafxw40556sk1znxy080zv2gbpq1vmt2xfkvm12v37qa4t3t4ywyf522pfmwj44w488shf77e9stqxrzw9sbtk42&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
74439
x-guploader-uploadid
ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f31f0c300002b714c94e000000001
last-modified
Thu, 06 May 2021 17:25:03 GMT
server
cloudflare
etag
W/"3b814633f8af4ea4642e44435db55b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=leopOe75aQLCHMcaUehXASLaEwj0G4KedmqLquM5BJUE5KZCNfeantfoTpqMbYCAgbvzapVqBvFg8ZRGLaOZNIrCS3jrXXOS5IdHbiCen%2FNWdbX08unHDQi6bZ82elw6"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620321903630655
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12034
cf-ray
657885c79e4d2b71-FRA
expires
Sat, 29 May 2021 17:25:42 GMT
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame ECCF 		58 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gd1ctt1x6gsc1b24xgdbynt5n39qvyhjfjhfd0bse58g2gftgmdx496pwqmpd07z9eskzhrdh6xpekyz78b8j5xccjjpadrb13sha8vnh6643dsc50q674s9ej23x7nskkk97sfj45dm8c9e5t2f0vdhsfgc88r5csgf6b21ygnbpdna18dvhhsywpz94jgctvpdn0ywsyyng7xhbnk1z8ph3gwvzkjrr0cff1ejjqvqnk0kmwkfqagvb928vpf38jtyf3fjaqy3rc8se2mbkvjgn4maspqrtry2g8x2qsfj1m5y10n8wrfk2mvv9qn46jj7dwm7a1pjbta2jgd0bxzcs2f2xv88v444kkj7z9tmn6f8rhsv4bnmkx0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1gd1ctt1x6gsc1b24xgdbynt5n39qvyhjfjhfd0bse58g2gftgmdx496pwqmpd07z9eskzhrdh6xpekyz78b8j5xccjjpadrb13sha8vnh6643dsc50q674s9ej23x7nskkk97sfj45dm8c9e5t2f0vdhsfgc88r5csgf6b21ygnbpdna18dvhhsywpz94jgctvpdn0ywsyyng7xhbnk1z8ph3gwvzkjrr0cff1ejjqvqnk0kmwkfqagvb928vpf38jtyf3fjaqy3rc8se2mbkvjgn4maspqrtry2g8x2qsfj1m5y10n8wrfk2mvv9qn46jj7dwm7a1pjbta2jgd0bxzcs2f2xv88v444kkj7z9tmn6f8rhsv4bnmkx0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date
Sun, 30 May 2021 14:06:21 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5936834
cf-polished
origSize=59196
x-guploader-uploadid
ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58969
cf-request-id
0a5f31f0c800002b711d8c8000000001
last-modified
Tue, 16 Mar 2021 10:53:32 GMT
server
cloudflare
etag
"44274c587ed8382583221bb023d51c5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hnOAGGFdOqVBYsCAfl1FyfuZ3hgQQFG%2FlcSuKR%2BCozob%2B1JtUZppxIwsHJuLGp1NYWJYsbbDHetr5nk0MibChV6ifWNCE3%2BhKMvEwJyO6K9QtUVGxBrHFA2C6aGV66%2Bi"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615892011975494
content-type
text/css
expires
Tue, 22 Mar 2022 20:59:07 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
657885c7ae5f2b71-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame ECCF 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gd1ctt1x6gsc1b24xgdbynt5n39qvyhjfjhfd0bse58g2gftgmdx496pwqmpd07z9eskzhrdh6xpekyz78b8j5xccjjpadrb13sha8vnh6643dsc50q674s9ej23x7nskkk97sfj45dm8c9e5t2f0vdhsfgc88r5csgf6b21ygnbpdna18dvhhsywpz94jgctvpdn0ywsyyng7xhbnk1z8ph3gwvzkjrr0cff1ejjqvqnk0kmwkfqagvb928vpf38jtyf3fjaqy3rc8se2mbkvjgn4maspqrtry2g8x2qsfj1m5y10n8wrfk2mvv9qn46jj7dwm7a1pjbta2jgd0bxzcs2f2xv88v444kkj7z9tmn6f8rhsv4bnmkx0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer
https://ad4m.at/ad/dr?ed=1gd1ctt1x6gsc1b24xgdbynt5n39qvyhjfjhfd0bse58g2gftgmdx496pwqmpd07z9eskzhrdh6xpekyz78b8j5xccjjpadrb13sha8vnh6643dsc50q674s9ej23x7nskkk97sfj45dm8c9e5t2f0vdhsfgc88r5csgf6b21ygnbpdna18dvhhsywpz94jgctvpdn0ywsyyng7xhbnk1z8ph3gwvzkjrr0cff1ejjqvqnk0kmwkfqagvb928vpf38jtyf3fjaqy3rc8se2mbkvjgn4maspqrtry2g8x2qsfj1m5y10n8wrfk2mvv9qn46jj7dwm7a1pjbta2jgd0bxzcs2f2xv88v444kkj7z9tmn6f8rhsv4bnmkx0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
74439
x-guploader-uploadid
ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f31f0c800002b716d98c000000001
last-modified
Thu, 06 May 2021 17:25:03 GMT
server
cloudflare
etag
W/"3b814633f8af4ea4642e44435db55b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BpOT%2BsuAJikLZusapUU6jbmchSmc5dP7s5zaZEM1ixA1QA9sgaLAEAtOcw8E3hwYadyTXSVUHFoEeO1m%2BE6p3CBFOJ%2Fau0CnNtqnDUfToRBqjaCLatX9dzdWLxyHt0RO"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620321903630655
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12034
cf-ray
657885c7ae612b71-FRA
expires
Sat, 29 May 2021 17:25:42 GMT
pixel
cm.g.doubleclick.net/ Frame A8F1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NTFwNVdKa2IxTE5tNTc1&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cver=1&google_push=AQvitUIK_GvQqbgpRWJssDV78mZFqFNe7GhuuJ3a6t_akgt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NTFwNVdKa2IxTE5tNTc1&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cver=1&google_push=AQvitUIK_GvQqbgpRWJssDV78mZFqFNe7GhuuJ3a6t_akgtG2YjaFxiKImsyNisHGY6UPSrKgJRV4ODZWIjKQak3PKlkg2rSIOWV
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:21 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-077182e85f3323570@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NTFwNVdKa2IxTE5tNTc1&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cver=1&google_push=AQvitUIK_GvQqbgpRWJssDV78mZFqFNe7GhuuJ3a6t_akgtG2YjaFxiKImsyNisHGY6UPSrKgJRV4ODZWIjKQak3PKlkg2rSIOWV
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame A8F1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGEobz0aaP5xX6XMw9Xa_ho&google_cver=1&google_push=AQvitUJYr5-d496I93Z6ZQTz4IAsQWMYq39ZtolmF7dApDjrG_S24ByP4W_W0zqipa9SEp5Z4N5azSr4GRrh9QFHmISXU0PNDbNc&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGEobz0aaP5xX6XMw9Xa_ho&google_cver=1&google_push=AQvitUJYr5-d496I93Z6ZQTz4IAsQWMYq39ZtolmF7dApDjrG_S24ByP4W_W0zqipa9SEp5Z4N5azSr4GRrh9QFHmISXU0PNDbN...
43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGEobz0aaP5xX6XMw9Xa_ho&google_cver=1&google_push=AQvitUJYr5-d496I93Z6ZQTz4IAsQWMYq39ZtolmF7dApDjrG_S24ByP4W_W0zqipa9SEp5Z4N5azSr4GRrh9QFHmISXU0PNDbNc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUJYr5-d496I93Z6ZQTz4IAsQWMYq39ZtolmF7dApDjrG_S24ByP4W_W0zqipa9SEp5Z4N5azSr4GRrh9QFHmISXU0PNDbNc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657885c93bafdfcb-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a5f31f1c10000dfcb8f36d000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1318
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657885c7c8f3dfcb-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGEobz0aaP5xX6XMw9Xa_ho&google_cver=1&google_push=AQvitUJYr5-d496I93Z6ZQTz4IAsQWMYq39ZtolmF7dApDjrG_S24ByP4W_W0zqipa9SEp5Z4N5azSr4GRrh9QFHmISXU0PNDbNc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUJYr5-d496I93Z6ZQTz4IAsQWMYq39ZtolmF7dApDjrG_S24ByP4W_W0zqipa9SEp5Z4N5azSr4GRrh9QFHmISXU0PNDbNc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f31f0dc0000dfcb1e989000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A8F1
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJBvOEYFIoKvKiCyy1aqCck&google_cver=1&google_push=AQvitULnkeBWH6QDXymRzMRhy6xRTNkC1RMvXZtMTjkefdh_l37JP2kQJGDwTS7sldLfjtPuZDmdKwrekeHQJy2LqeJ4YM0-FWKN
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3106C283A4894E06A306DE5E547A9A4B&google_push=AQvitULnkeBWH6QDXymRzMRhy6xRTNkC1RMvXZtMTjkefdh_l37JP2kQJGDwTS7sldLfjtPuZDmdKwrekeHQJy2...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3106C283A4894E06A306DE5E547A9A4B&google_push=AQvitULnkeBWH6QDXymRzMRhy6xRTNkC1RMvXZtMTjkefdh_l37JP2kQJGDwTS7sldLfjtPuZDmdKwrekeHQJy2LqeJ4YM0-FWKN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 May 2021 14:06:21 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3106C283A4894E06A306DE5E547A9A4B&google_push=AQvitULnkeBWH6QDXymRzMRhy6xRTNkC1RMvXZtMTjkefdh_l37JP2kQJGDwTS7sldLfjtPuZDmdKwrekeHQJy2LqeJ4YM0-FWKN
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sat, 29 May 2021 14:06:21 GMT
pixel
cm.g.doubleclick.net/ Frame A8F1
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENqHlmdGnvdM-NM9n5q6luk&google_cver=1&google_push=AQvitUJLeBMAZN8gdn1PVWXnd-FDuvutykOi8x-yUN9U6QYdjMbt6aTQAiE5HETI_hhgbel0MQxGAehpCtl...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJLeBMAZN8gdn1PVWXnd-FDuvutykOi8x-yUN9U6QYdjMbt6aTQAiE5HETI_hhgbel0MQxGAehpCtlsvdoBDCXzwNe4CWU&google_hm=4IbvOovRRDqqEiDRGjjORso
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJLeBMAZN8gdn1PVWXnd-FDuvutykOi8x-yUN9U6QYdjMbt6aTQAiE5HETI_hhgbel0MQxGAehpCtlsvdoBDCXzwNe4CWU&google_hm=4IbvOovRRDqqEiDRGjjORso
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUJLeBMAZN8gdn1PVWXnd-FDuvutykOi8x-yUN9U6QYdjMbt6aTQAiE5HETI_hhgbel0MQxGAehpCtlsvdoBDCXzwNe4CWU&google_hm=4IbvOovRRDqqEiDRGjjORso
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A8F1
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEJo7gE1wuzEz2DfbEknJLhw&google_cver=1&google_push=AQvitUJ17_EEGcRmNlNWghj_rsDshS2CgUoetn8_g4weO7EGEYPglNZq-VTBg...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEJo7gE1wuzEz2DfbEknJLhw&google_cver=1&google_push=AQvitUJ17_EEGcRmNlNWghj_rsDshS2CgUoetn8_g4weO7EGEYPglNZq-VTBg...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=Ctx2lWGF2w4YPPpUNfx4mA&google_push=AQvitUJ17_EEGcRmNlNWghj_rsDshS2CgUoetn8_g4weO7EGEYPglNZq-VTBgn8s1Z4yRcgAEQfFMV7S2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=Ctx2lWGF2w4YPPpUNfx4mA&google_push=AQvitUJ17_EEGcRmNlNWghj_rsDshS2CgUoetn8_g4weO7EGEYPglNZq-VTBgn8s1Z4yRcgAEQfFMV7S2aQ7RbqdqJcSMTRp2O9P
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=Ctx2lWGF2w4YPPpUNfx4mA&google_push=AQvitUJ17_EEGcRmNlNWghj_rsDshS2CgUoetn8_g4weO7EGEYPglNZq-VTBgn8s1Z4yRcgAEQfFMV7S2aQ7RbqdqJcSMTRp2O9P
Date
Sun, 30 May 2021 14:06:21 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
238
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A8F1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPmt_GTGPTyyZduAoULt0Lw&google_cver=1&google_push=AQvitUJW5_p94IIHE8y_VnUhaytIrpFgvtnGnZqKo6jxOkiKZDEH0PwerxsX4U_AhPDpokM7jRy...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCOUFOQVktMUItOTk2Rg==&google_push=AQvitUJW5_p94IIHE8y_VnUhaytIrpFgvtnGnZqKo6jxOkiKZDEH0PwerxsX4U_AhPDpokM7jRynYMvukvKfe3xSy4rlovCV4NU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCOUFOQVktMUItOTk2Rg==&google_push=AQvitUJW5_p94IIHE8y_VnUhaytIrpFgvtnGnZqKo6jxOkiKZDEH0PwerxsX4U_AhPDpokM7jRynYMvukvKfe3xSy4rlovCV4NU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCOUFOQVktMUItOTk2Rg==&google_push=AQvitUJW5_p94IIHE8y_VnUhaytIrpFgvtnGnZqKo6jxOkiKZDEH0PwerxsX4U_AhPDpokM7jRynYMvukvKfe3xSy4rlovCV4NU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame A8F1
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDENuVFPiPJXo5CgmQYyAfA&google_cver=1&google_push=AQvitUL3aR8wi53OkBtZbm4FLiZ9gaVvb6hsjFBaqpILD8hU1bCl4tTH5cBbel4f-ByveF8NH85Y0sEsLBPe0jDdjITweXPmny3j
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUL3aR8wi53OkBtZbm4FLiZ9gaVvb6hsjFBaqpILD8hU1bCl4tTH5cBbel4f-ByveF8NH85Y0sEsLBPe0jDdjITweXPmny3j&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUyODk4ODcxODgwNzkxMTk2&google_push=AQvitUL3aR8wi53OkBtZbm4FLiZ9gaVvb6hsjFBaqpILD8hU1bCl4tTH5cBbel4f-Byv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUyODk4ODcxODgwNzkxMTk2&google_push=AQvitUL3aR8wi53OkBtZbm4FLiZ9gaVvb6hsjFBaqpILD8hU1bCl4tTH5cBbel4f-ByveF8NH85Y0sEsLBPe0jDdjITweXPmny3j
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzUyODk4ODcxODgwNzkxMTk2&google_push=AQvitUL3aR8wi53OkBtZbm4FLiZ9gaVvb6hsjFBaqpILD8hU1bCl4tTH5cBbel4f-ByveF8NH85Y0sEsLBPe0jDdjITweXPmny3j
date
Sun, 30 May 2021 14:06:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame A8F1 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J1eil3-6kJT1HbXes7Cz0Tvh_v8PyqjU562-b05ro4mfjWNpWT-YC9XsRBBVUXBdhkaIM2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151382141&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580447&bpp=23&bdt=104&idt=218&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1487494442&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5366&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2134478980739847&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8ppiuxmjocgj&btvi=1&fsb=1&dtd=237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 06E1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFwEkybtqG3NI7zwqs8NtSA&google_cver=1&google_push=AQvitUIpldPJpR60kynA4UuxYn2ltuXrTUcrXt32-ya-ZgfPwPzUcSn5RNduzWVF3rB_R65LXZM56cQPRQ1blCI6rlFF1x4nf-0
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAyNDk2MDc2MjIyMTUzMTQ1Nw==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEFwEkybtqG3NI7zwqs8NtSA&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEFwEkybtqG3NI7zwqs8NtSA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEFwEkybtqG3NI7zwqs8NtSA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 06E1 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEE_U2W96TtB4L8GW9mVon2g&google_cver=1&google_push=AQvitUIzOzw95he6mhaOTcI6MLETTSomaEqcr6QyOJa09Y_kEyhVsOkii_hqInLnLtkdwS71-kN5Jybqmsvb9VHn0ycDd4am4A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 06E1 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIX9qTns1uOUsxYEzR5BYE8&google_cver=1&google_push=AQvitUKr-CFg8jAe2YCzioZRUIbQk-TG6Cp8icQ-oHaWnSOtMAW1kGFZ-Q_q1yNc5AbJbUUITC9x0JhPwiV3Lv6LKfg1zh5Gx0I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
match
um.wbtrk.net/doubleclick/user/ Frame 06E1 		0
0
pixel
cm.g.doubleclick.net/ Frame 06E1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPmt_GTGPTyyZduAoULt0Lw&google_cver=1&google_push=AQvitULTnwcAx0fs-nKkouar9jOxHsTJpA4IgiWaxwwvfFp5ZmemRLdWnSE2Fuw9yhXpIJHAy1-...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCOUFOQkEtMS0yN0k0&google_push=AQvitULTnwcAx0fs-nKkouar9jOxHsTJpA4IgiWaxwwvfFp5ZmemRLdWnSE2Fuw9yhXpIJHAy1-DSdOx8tpnZWAbJKvdWtNFODY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCOUFOQkEtMS0yN0k0&google_push=AQvitULTnwcAx0fs-nKkouar9jOxHsTJpA4IgiWaxwwvfFp5ZmemRLdWnSE2Fuw9yhXpIJHAy1-DSdOx8tpnZWAbJKvdWtNFODY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCOUFOQkEtMS0yN0k0&google_push=AQvitULTnwcAx0fs-nKkouar9jOxHsTJpA4IgiWaxwwvfFp5ZmemRLdWnSE2Fuw9yhXpIJHAy1-DSdOx8tpnZWAbJKvdWtNFODY
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 06E1
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKsp9YapSZ94ax7abZzpUJU&google_cver=1&google_push=AQvitUIhLfQ0s0_MrKB8nbeks4N2dodLXLhrNuhitCL2m-zaI5UIw6VoiK3yVzIpL4TAo7a7Iq6RiUSsEOyW28X7d...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKsp9YapSZ94ax7abZzpUJU&google_cver=1&google_push=AQvitUIhLfQ0s0_MrKB8nbeks4N2dodLXLhrNuhitCL2m-zaI5UIw6VoiK3yVzIpL4TAo7a7Iq6RiUSsEOyW28X7d...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIhLfQ0s0_MrKB8nbeks4N2dodLXLhrNuhitCL2m-zaI5UIw6VoiK3yVzIpL4TAo7a7Iq6RiUSsEOyW28X7dvSIuK4uxq4&google_hm=be458aa7fe493f137bf1b9a5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIhLfQ0s0_MrKB8nbeks4N2dodLXLhrNuhitCL2m-zaI5UIw6VoiK3yVzIpL4TAo7a7Iq6RiUSsEOyW28X7dvSIuK4uxq4&google_hm=be458aa7fe493f137bf1b9a5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 May 2021 14:06:21 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitUIhLfQ0s0_MrKB8nbeks4N2dodLXLhrNuhitCL2m-zaI5UIw6VoiK3yVzIpL4TAo7a7Iq6RiUSsEOyW28X7dvSIuK4uxq4&google_hm=be458aa7fe493f137bf1b9a5
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 06E1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECScZqsCwqfIhv7mR5xqsuc&google_cver=1&google_push=AQvitULDtK0-vp-h7zhx9lYIsNfipTVUL3SfGkOKmgn1GxqNxm1ExPU2c8h9htD9SjAbhTMZuf...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECScZqsCwqfIhv7mR5xqsuc&google_cver=1&google_push=AQvitULDtK0-vp-h7zhx9lYIsNfipTVUL3SfGkOKmgn1GxqNxm1ExPU2c8h9htD9SjAbhTMZuf...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16Z0wyaVhsRTJ1R3llNVNibTFFOGJLT3U0VmZUY25yNX5B&google_push=AQvitULDtK0-vp-h7zhx9lYIsNfipTVUL3SfGkOKmgn1GxqNxm1ExPU2c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16Z0wyaVhsRTJ1R3llNVNibTFFOGJLT3U0VmZUY25yNX5B&google_push=AQvitULDtK0-vp-h7zhx9lYIsNfipTVUL3SfGkOKmgn1GxqNxm1ExPU2c8h9htD9SjAbhTMZufevLJRweoWJmIuMWfksH8lrSykG
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 May 2021 14:06:21 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16Z0wyaVhsRTJ1R3llNVNibTFFOGJLT3U0VmZUY25yNX5B&google_push=AQvitULDtK0-vp-h7zhx9lYIsNfipTVUL3SfGkOKmgn1GxqNxm1ExPU2c8h9htD9SjAbhTMZufevLJRweoWJmIuMWfksH8lrSykG
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 06E1 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LjYVIuTMPSnvChVAeq6YDhJw20aTpAEZOWmD4jOjp5KfZr7tFovyViT0JOtgCaIolIscy7cA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151382136&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580546&bpp=9&bdt=107&idt=262&shv=r20210524&cbv=%2Fr20190131&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1784435327&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=7364&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&oid=3&pvsid=21896743984662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jp414rljn9r&btvi=1&fsb=1&dtd=280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame 40D4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-Z9-3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS8AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfRljZVXR6UhOhPNvgfNd0uK-tgAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNjM3OTg1NDQyMDg1MTQ3Ng&sigh=lPvCo6qeHZA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 30 May 2021 14:06:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 40D4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g46g8c7j6n55pzgexkjtc8ngcmj8vx76rbpfn1ky5kmgfs7xsth5pv13dmdajc4nqw9vv7rryaayw6exngwmda96cb4g2n9csvx5y5aajkppkbphy7xrxhm6vbd5rjerm1tfb53z0eq428vam6yey3dczw19y8n8zjcrrqk44pak97r615prmyy307k3bc6635nj944wgjh6k0h65rrjchjf743ee83geyt2f432qn3wr374hh3gggct6r8e62x3z6q99y4ssgfmayh8r5j1djwmwzem034mxncjn2pysns2nta352hfqp307sqn1rvdcqhpvxvjyv5tsqf20n0rt6cagq99mqb9jatwp1zttwtnsmhnvhr5s8at7cxqy2pyfrpyfg8&b=YLOb3QAC4-4K7YiQAA_0GZJb4OXYYiTwvAUM6A
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame F3B6 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1hze1mf0a8s9ajmd6p6td60b6ca58zh1hh2tp181dkn9eks06vxqhcepvrnygfq3j7z5ft9hf7ecfwaxpxhbmy04543gznvt98m5nbfgnm5yymhychdjtmmg7fkw9zx2b7522rfmwpzxvx38wzk3fasb6c3wsg1tc4h0bggaaq7makv6tth3wxvft021qb36g97apj2qy2e09w7shb76x7r2ek9jchf7hrpp8hknz4p79178gyrhgxwe99c3em6hrns17g5s1mqdk0xv8zf7vkhas7pvyhtftbwjv2k1ag2agee7b084f4qwb78rwcwnwdv363xt7a6armtgm5s2c2q3dfy7djc6sg44e0cdn3905khx1gd6m2zp0j8sa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%26client%3Dca-pub-6379854420851476%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d6cb7a87615f1c3c62371ed111f5c46e74ea2c1e9ae66c776d9aecc33acec2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1hze1mf0a8s9ajmd6p6td60b6ca58zh1hh2tp181dkn9eks06vxqhcepvrnygfq3j7z5ft9hf7ecfwaxpxhbmy04543gznvt98m5nbfgnm5yymhychdjtmmg7fkw9zx2b7522rfmwpzxvx38wzk3fasb6c3wsg1tc4h0bggaaq7makv6tth3wxvft021qb36g97apj2qy2e09w7shb76x7r2ek9jchf7hrpp8hknz4p79178gyrhgxwe99c3em6hrns17g5s1mqdk0xv8zf7vkhas7pvyhtftbwjv2k1ag2agee7b084f4qwb78rwcwnwdv363xt7a6armtgm5s2c2q3dfy7djc6sg44e0cdn3905khx1gd6m2zp0j8sa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%26client%3Dca-pub-6379854420851476%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a5f31f0df00002b7179202000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657885c7ceb32b71-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 40D4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:02:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 05F2 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 30 May 2021 03:14:09 GMT
expires
Mon, 31 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
39132
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 40D4 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 40D4 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:03:51 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
23446
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by
cache-hhn11578-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1622383581.456539,VS0,VE0
date
Sun, 30 May 2021 14:06:21 GMT
x-amz-request-id
BZA2MM8GAVQZA74K
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
27
x-cache-hits
35504
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame D4FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame ECCF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 40D4 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de08ce53e0428ac94c581228d1f8cff8b8a311693af041c4491466562eaabca1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
frame.html
ad4m.at/ Frame 5C1A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1h2srbbg19g2hdqa8zer6wdrn08s20hxt1edw6k1j80e1ddcrspt3051t0jsg7224yrsmwc30wt18n5xjd3w2fp7qcj1hwfbaprrtsx0kc4p8rdkck7x3a2n6aw5ssq1g7age7329f71qc22e018s48ndhjnrhg5sjxxzhc3gjysn6zhn9rcydfxgrk61swvek10n4zcvwmh3dqd4h8yc1ffy6xwvj4dtrb0x5xexechqymzw990karfg2dw1fwq4tvy5dz9f4zns991kjhh54nxx1rr2rvqzzathzafxw40556sk1znxy080zv2gbpq1vmt2xfkvm12v37qa4t3t4ywyf522pfmwj44w488shf77e9stqxrzw9sbtk42&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%26client%3Dca-pub-6379854420851476%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1h2srbbg19g2hdqa8zer6wdrn08s20hxt1edw6k1j80e1ddcrspt3051t0jsg7224yrsmwc30wt18n5xjd3w2fp7qcj1hwfbaprrtsx0kc4p8rdkck7x3a2n6aw5ssq1g7age7329f71qc22e018s48ndhjnrhg5sjxxzhc3gjysn6zhn9rcydfxgrk61swvek10n4zcvwmh3dqd4h8yc1ffy6xwvj4dtrb0x5xexechqymzw990karfg2dw1fwq4tvy5dz9f4zns991kjhh54nxx1rr2rvqzzathzafxw40556sk1znxy080zv2gbpq1vmt2xfkvm12v37qa4t3t4ywyf522pfmwj44w488shf77e9stqxrzw9sbtk42&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%26client%3Dca-pub-6379854420851476%26adurl%3D

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Sun, 30 May 2021 15:06:21 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
580225
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a5f31f15300002b710496a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CzcWo2HDU0PFmnBvLMfeHrtSqoMEE6SCxj88NleLyeLoE57o4CJAnR1m8%2BrGGY5ZQ1ObyvNj3rXosCn3uI5x%2BVfwKdMeBWJcf%2BLofY9Z1gHyQqe0lLRtfCirWbxVMqSw"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
657885c888912b71-FRA
content-encoding
br
frame.html
ad4m.at/ Frame A566 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1gd1ctt1x6gsc1b24xgdbynt5n39qvyhjfjhfd0bse58g2gftgmdx496pwqmpd07z9eskzhrdh6xpekyz78b8j5xccjjpadrb13sha8vnh6643dsc50q674s9ej23x7nskkk97sfj45dm8c9e5t2f0vdhsfgc88r5csgf6b21ygnbpdna18dvhhsywpz94jgctvpdn0ywsyyng7xhbnk1z8ph3gwvzkjrr0cff1ejjqvqnk0kmwkfqagvb928vpf38jtyf3fjaqy3rc8se2mbkvjgn4maspqrtry2g8x2qsfj1m5y10n8wrfk2mvv9qn46jj7dwm7a1pjbta2jgd0bxzcs2f2xv88v444kkj7z9tmn6f8rhsv4bnmkx0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%26client%3Dca-pub-6379854420851476%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1gd1ctt1x6gsc1b24xgdbynt5n39qvyhjfjhfd0bse58g2gftgmdx496pwqmpd07z9eskzhrdh6xpekyz78b8j5xccjjpadrb13sha8vnh6643dsc50q674s9ej23x7nskkk97sfj45dm8c9e5t2f0vdhsfgc88r5csgf6b21ygnbpdna18dvhhsywpz94jgctvpdn0ywsyyng7xhbnk1z8ph3gwvzkjrr0cff1ejjqvqnk0kmwkfqagvb928vpf38jtyf3fjaqy3rc8se2mbkvjgn4maspqrtry2g8x2qsfj1m5y10n8wrfk2mvv9qn46jj7dwm7a1pjbta2jgd0bxzcs2f2xv88v444kkj7z9tmn6f8rhsv4bnmkx0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%26client%3Dca-pub-6379854420851476%26adurl%3D

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Sun, 30 May 2021 15:06:21 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
580225
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a5f31f15500002b714c95c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BKhHRZ%2FP5ez6KrsqbkQ4S9kZi%2FKY6XLtPQ9nsBuQ4cuWaOpMGQCsNyxd6HgooGD9tbnjzLsMV8cFoIYNKwuL49dZhEOXoFZ8cBif8Ok1UHgQm5XjMPB6gCI7SIl5dX%2FT"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
657885c888962b71-FRA
content-encoding
br
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame F3B6 		58 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hze1mf0a8s9ajmd6p6td60b6ca58zh1hh2tp181dkn9eks06vxqhcepvrnygfq3j7z5ft9hf7ecfwaxpxhbmy04543gznvt98m5nbfgnm5yymhychdjtmmg7fkw9zx2b7522rfmwpzxvx38wzk3fasb6c3wsg1tc4h0bggaaq7makv6tth3wxvft021qb36g97apj2qy2e09w7shb76x7r2ek9jchf7hrpp8hknz4p79178gyrhgxwe99c3em6hrns17g5s1mqdk0xv8zf7vkhas7pvyhtftbwjv2k1ag2agee7b084f4qwb78rwcwnwdv363xt7a6armtgm5s2c2q3dfy7djc6sg44e0cdn3905khx1gd6m2zp0j8sa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1hze1mf0a8s9ajmd6p6td60b6ca58zh1hh2tp181dkn9eks06vxqhcepvrnygfq3j7z5ft9hf7ecfwaxpxhbmy04543gznvt98m5nbfgnm5yymhychdjtmmg7fkw9zx2b7522rfmwpzxvx38wzk3fasb6c3wsg1tc4h0bggaaq7makv6tth3wxvft021qb36g97apj2qy2e09w7shb76x7r2ek9jchf7hrpp8hknz4p79178gyrhgxwe99c3em6hrns17g5s1mqdk0xv8zf7vkhas7pvyhtftbwjv2k1ag2agee7b084f4qwb78rwcwnwdv363xt7a6armtgm5s2c2q3dfy7djc6sg44e0cdn3905khx1gd6m2zp0j8sa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date
Sun, 30 May 2021 14:06:21 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5936834
cf-polished
origSize=59196
x-guploader-uploadid
ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58969
cf-request-id
0a5f31f16300002b71610e3000000001
last-modified
Tue, 16 Mar 2021 10:53:32 GMT
server
cloudflare
etag
"44274c587ed8382583221bb023d51c5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YCdP0OIFMllqdgyjr8ImYdgm7QDiy6pif68diShrfSorXNMhpIvZJp%2F1zRATveHBAfrwt0BddMc%2BCDWdbuN9AhhBhCZL14Adlrojglf7GwHtI7WtOvBKahtj6vuS2aAB"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615892011975494
content-type
text/css
expires
Tue, 22 Mar 2022 20:59:07 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
657885c898c32b71-FRA
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame F3B6 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1hze1mf0a8s9ajmd6p6td60b6ca58zh1hh2tp181dkn9eks06vxqhcepvrnygfq3j7z5ft9hf7ecfwaxpxhbmy04543gznvt98m5nbfgnm5yymhychdjtmmg7fkw9zx2b7522rfmwpzxvx38wzk3fasb6c3wsg1tc4h0bggaaq7makv6tth3wxvft021qb36g97apj2qy2e09w7shb76x7r2ek9jchf7hrpp8hknz4p79178gyrhgxwe99c3em6hrns17g5s1mqdk0xv8zf7vkhas7pvyhtftbwjv2k1ag2agee7b084f4qwb78rwcwnwdv363xt7a6armtgm5s2c2q3dfy7djc6sg44e0cdn3905khx1gd6m2zp0j8sa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%26client%3Dca-pub-6379854420851476%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a

Request headers

Referer
https://ad4m.at/ad/dr?ed=1hze1mf0a8s9ajmd6p6td60b6ca58zh1hh2tp181dkn9eks06vxqhcepvrnygfq3j7z5ft9hf7ecfwaxpxhbmy04543gznvt98m5nbfgnm5yymhychdjtmmg7fkw9zx2b7522rfmwpzxvx38wzk3fasb6c3wsg1tc4h0bggaaq7makv6tth3wxvft021qb36g97apj2qy2e09w7shb76x7r2ek9jchf7hrpp8hknz4p79178gyrhgxwe99c3em6hrns17g5s1mqdk0xv8zf7vkhas7pvyhtftbwjv2k1ag2agee7b084f4qwb78rwcwnwdv363xt7a6armtgm5s2c2q3dfy7djc6sg44e0cdn3905khx1gd6m2zp0j8sa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=VHPQMw==, md5=O4FGM/ivTqRkLkRDXbVbMw==
date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
74439
x-guploader-uploadid
ABg5-UyHG-hOHMrblKFIYL7z0-xw-9pArwKph-VJrtcWULownBnqKUo-1GLHEGsXvwH8Zp6QorI5FIk9wmVPTpub1M4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f31f16300002b713b05c000000001
last-modified
Thu, 06 May 2021 17:25:03 GMT
server
cloudflare
etag
W/"3b814633f8af4ea4642e44435db55b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QRKzDxkHfY9zsLEeoi%2BlGvi%2BM2F07DH9ImbnjtydkT5XGHbNCZ6B6JYguVEpkH4TYWjOVO9MgmXy%2F5lvDMsKyoNYz89nKlhiEc%2FA4DqtnbUOzir6aix3OJFhExTr95H%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620321903630655
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12034
cf-ray
657885c898c52b71-FRA
expires
Sat, 29 May 2021 17:25:42 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 05F2 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEE_U2W96TtB4L8GW9mVon2g&google_cver=1&google_push=AQvitUKXYrgsO0_y4-7tZ8etiV2X3JUXVkMawTGuMNewY4xttQDMg2RIWI-pHF2HkqPZkLncIaBCjNEjsyiXm6wMRjL-TdWM--HB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 05F2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NTFwNVdKa2IxTE5tNTc1&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cver=1&google_push=AQvitUJQ2BYoj5kh4xtz5sTy6V4qwLpw81BGvTCu8Us97tZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NTFwNVdKa2IxTE5tNTc1&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cver=1&google_push=AQvitUJQ2BYoj5kh4xtz5sTy6V4qwLpw81BGvTCu8Us97tZDI2upksr4wy9pl0UFaC5y-bsOqoU20MCs38ST7Zvnz2ZyRyYJaAVH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:21 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-077182e85f3323570@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NTFwNVdKa2IxTE5tNTc1&google_gid=CAESEKvVGNlcyvKOkNfGaLPJu1w&google_cver=1&google_push=AQvitUJQ2BYoj5kh4xtz5sTy6V4qwLpw81BGvTCu8Us97tZDI2upksr4wy9pl0UFaC5y-bsOqoU20MCs38ST7Zvnz2ZyRyYJaAVH
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 05F2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGEobz0aaP5xX6XMw9Xa_ho&google_cver=1&google_push=AQvitUI_MFZj-owsfQZeUC15ORRpYGhjCGcr9miPU1q7ujUkW7OluGnI2oStr1ep5dMLMWxiOe_SZAw299I2_NakJcQr1I4n-HM&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGEobz0aaP5xX6XMw9Xa_ho&google_cver=1&google_push=AQvitUI_MFZj-owsfQZeUC15ORRpYGhjCGcr9miPU1q7ujUkW7OluGnI2oStr1ep5dMLMWxiOe_SZAw299I2_NakJcQr1I4n-HM...
43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGEobz0aaP5xX6XMw9Xa_ho&google_cver=1&google_push=AQvitUI_MFZj-owsfQZeUC15ORRpYGhjCGcr9miPU1q7ujUkW7OluGnI2oStr1ep5dMLMWxiOe_SZAw299I2_NakJcQr1I4n-HM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUI_MFZj-owsfQZeUC15ORRpYGhjCGcr9miPU1q7ujUkW7OluGnI2oStr1ep5dMLMWxiOe_SZAw299I2_NakJcQr1I4n-HM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657885c9ecf8dfcb-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a5f31f2310000dfcb15252000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
7922
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
657885c8babddfcb-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGEobz0aaP5xX6XMw9Xa_ho&google_cver=1&google_push=AQvitUI_MFZj-owsfQZeUC15ORRpYGhjCGcr9miPU1q7ujUkW7OluGnI2oStr1ep5dMLMWxiOe_SZAw299I2_NakJcQr1I4n-HM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAQvitUI_MFZj-owsfQZeUC15ORRpYGhjCGcr9miPU1q7ujUkW7OluGnI2oStr1ep5dMLMWxiOe_SZAw299I2_NakJcQr1I4n-HM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5f31f1720000dfcb45926000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 05F2
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJBvOEYFIoKvKiCyy1aqCck&google_cver=1&google_push=AQvitUKKNP3C9XvMxVNqhN18EXbmeDgso_rtXxDXHLQCT6vZekPye_6uNOSSSqB45gU0o2OdgO9GnYbFLwEtQw7-vB-OQMc-Wps
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3106C283A4894E06A306DE5E547A9A4B&google_push=AQvitUKKNP3C9XvMxVNqhN18EXbmeDgso_rtXxDXHLQCT6vZekPye_6uNOSSSqB45gU0o2OdgO9GnYbFLwEtQw7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3106C283A4894E06A306DE5E547A9A4B&google_push=AQvitUKKNP3C9XvMxVNqhN18EXbmeDgso_rtXxDXHLQCT6vZekPye_6uNOSSSqB45gU0o2OdgO9GnYbFLwEtQw7-vB-OQMc-Wps
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 May 2021 14:06:21 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3106C283A4894E06A306DE5E547A9A4B&google_push=AQvitUKKNP3C9XvMxVNqhN18EXbmeDgso_rtXxDXHLQCT6vZekPye_6uNOSSSqB45gU0o2OdgO9GnYbFLwEtQw7-vB-OQMc-Wps
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sat, 29 May 2021 14:06:21 GMT
pixel
cm.g.doubleclick.net/ Frame 05F2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDjzDiOXgHW9JJXVSNCiU7c&google_cver=1&google_push=AQvitUJnxmHXA3RJN4rICA0oBQzdvh6JoPWPNzNidH6KgJiWc18I2NBEDpx0U0G5mVSVLK4_uqlvqjg5lCLm4pTry1zo3r3...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJnxmHXA3RJN4rICA0oBQzdvh6JoPWPNzNidH6KgJiWc18I2NBEDpx0U0G5mVSVLK4_uqlvqjg5lCLm4pTry1zo3r3CsFil&google_hm=NDg3MTYzNTk1MzQyMTczNT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJnxmHXA3RJN4rICA0oBQzdvh6JoPWPNzNidH6KgJiWc18I2NBEDpx0U0G5mVSVLK4_uqlvqjg5lCLm4pTry1zo3r3CsFil&google_hm=NDg3MTYzNTk1MzQyMTczNTE2Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 May 2021 14:06:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJnxmHXA3RJN4rICA0oBQzdvh6JoPWPNzNidH6KgJiWc18I2NBEDpx0U0G5mVSVLK4_uqlvqjg5lCLm4pTry1zo3r3CsFil&google_hm=NDg3MTYzNTk1MzQyMTczNTE2Mw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 05F2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPmt_GTGPTyyZduAoULt0Lw&google_cver=1&google_push=AQvitUIuj7wSlLjmHJtN_fY6PZGX_XeiHGANhbbewE6uCVra9YVK82yAlZyBwrcWGbcLxtk8REP...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCOUFORFEtUS1HRUhW&google_push=AQvitUIuj7wSlLjmHJtN_fY6PZGX_XeiHGANhbbewE6uCVra9YVK82yAlZyBwrcWGbcLxtk8REPVOBtrTH2giQiQosCP0_TVoHcy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCOUFORFEtUS1HRUhW&google_push=AQvitUIuj7wSlLjmHJtN_fY6PZGX_XeiHGANhbbewE6uCVra9YVK82yAlZyBwrcWGbcLxtk8REPVOBtrTH2giQiQosCP0_TVoHcy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1BCOUFORFEtUS1HRUhW&google_push=AQvitUIuj7wSlLjmHJtN_fY6PZGX_XeiHGANhbbewE6uCVra9YVK82yAlZyBwrcWGbcLxtk8REPVOBtrTH2giQiQosCP0_TVoHcy
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 05F2
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGUHMFH4S0N_KiISN5VC3eE&google_cver=1&google_push=AQvitUInS8EKPeHBC0VS010lIKqNp5m7b_2FguA4MiQtUxzJBLUN1rBE6Wvb42ymkrbb2X-nZMeY-Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUInS8EKPeHBC0VS010lIKqNp5m7b_2FguA4MiQtUxzJBLUN1rBE6Wvb42ymkrbb2X-nZMeY-Y7-oJvXj1MWCJ1RPPq-yv4P&google_hm=NDk5OTQ1MD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUInS8EKPeHBC0VS010lIKqNp5m7b_2FguA4MiQtUxzJBLUN1rBE6Wvb42ymkrbb2X-nZMeY-Y7-oJvXj1MWCJ1RPPq-yv4P&google_hm=NDk5OTQ1MDQ2NjU1NzYzNjE0MA%3D%3D
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AQvitUInS8EKPeHBC0VS010lIKqNp5m7b_2FguA4MiQtUxzJBLUN1rBE6Wvb42ymkrbb2X-nZMeY-Y7-oJvXj1MWCJ1RPPq-yv4P&google_hm=NDk5OTQ1MDQ2NjU1NzYzNjE0MA%3D%3D
date
Sun, 30 May 2021 14:06:21 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 05F2 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9wLO0N0_oz775DynnwdGN0SMv8paaUf1FPNT4lgSbUqGh3qrNndROeaC9VEEVUntMUFAa
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame CE35 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: portal.correiodopovo.com.br
URL: https://portal.correiodopovo.com.br/passback/rbanner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48356
x-xss-protection
0
server
cafe
etag
3890051329819667200
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:21 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F3B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
frame.html
ad4m.at/ Frame 3C5B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1hze1mf0a8s9ajmd6p6td60b6ca58zh1hh2tp181dkn9eks06vxqhcepvrnygfq3j7z5ft9hf7ecfwaxpxhbmy04543gznvt98m5nbfgnm5yymhychdjtmmg7fkw9zx2b7522rfmwpzxvx38wzk3fasb6c3wsg1tc4h0bggaaq7makv6tth3wxvft021qb36g97apj2qy2e09w7shb76x7r2ek9jchf7hrpp8hknz4p79178gyrhgxwe99c3em6hrns17g5s1mqdk0xv8zf7vkhas7pvyhtftbwjv2k1ag2agee7b084f4qwb78rwcwnwdv363xt7a6armtgm5s2c2q3dfy7djc6sg44e0cdn3905khx1gd6m2zp0j8sa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%26client%3Dca-pub-6379854420851476%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1hze1mf0a8s9ajmd6p6td60b6ca58zh1hh2tp181dkn9eks06vxqhcepvrnygfq3j7z5ft9hf7ecfwaxpxhbmy04543gznvt98m5nbfgnm5yymhychdjtmmg7fkw9zx2b7522rfmwpzxvx38wzk3fasb6c3wsg1tc4h0bggaaq7makv6tth3wxvft021qb36g97apj2qy2e09w7shb76x7r2ek9jchf7hrpp8hknz4p79178gyrhgxwe99c3em6hrns17g5s1mqdk0xv8zf7vkhas7pvyhtftbwjv2k1ag2agee7b084f4qwb78rwcwnwdv363xt7a6armtgm5s2c2q3dfy7djc6sg44e0cdn3905khx1gd6m2zp0j8sa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%26client%3Dca-pub-6379854420851476%26adurl%3D

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Sun, 30 May 2021 15:06:21 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
580225
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a5f31f1c400002b71690ca000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XP1ZBYc5TzR9Riq5QRW0ila1QUQvSgimRdp9FMDEQr3DqAvc7yTLPPmUBnywN9LWdFxjVtK4lIyhoXpiH3rfhtUOECxKyjaKQi44%2FUwteEhIjcmxxOQkQ6mkJUgJ1Q47"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
657885c93a522b71-FRA
content-encoding
br
sodar
pagead2.googlesyndication.com/getconfig/ Frame 90E9 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9aa215398a9a040f49cf7447017c04d7189770f88338cc67849c5d3f86e6b4b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7686
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 18AF 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac35bf76512423e822153fb80ba9f117bbba3833364bffe51c6e0a9144b75fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8176
x-xss-protection
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/ Frame CE35 		232 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=portal.correiodopovo.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87658
x-xss-protection
0
server
cafe
etag
5316214545020586774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 May 2021 14:06:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 90E9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 18AF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:21 GMT
frame.html
ad4mat.net/ Frame B0F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=502:657885c98ba5c2c2:FRA; path=/; expires=Sun, 30-May-21 14:06:51 GMT cf_use_ob=443; path=/; expires=Sun, 30-May-21 14:06:51 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
657885c98ba5c2c2-FRA
server
cloudflare
frame.html
ad4mat.net/ Frame FD6B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=502:657885c99bb1c2c2:FRA; path=/; expires=Sun, 30-May-21 14:06:51 GMT cf_use_ob=443; path=/; expires=Sun, 30-May-21 14:06:51 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
657885c99bb1c2c2-FRA
server
cloudflare
gen_204
pagead2.googlesyndication.com/pagead/ Frame 40D4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=bdt.94,req.298,bpp.10,fb.534,e2e.838,fs.-1622383580870,reqs.-1622383580870,ress.-1622383580870,rese.531&e=&id=csi_pagead&gqid=3ZuzYJaXC9W1twfLgq7oDQ&qqid=CK6qr-jJ8fACFZCI7QodGfQPJg&rt=lb.107,ol.304
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151382138&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383580870&bpp=10&bdt=94&idt=280&shv=r20210524&cbv=%2Fr20110914&ptt=5&saldr=sa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=5858417810452&frm=23&ife=5&pv=1&ga_vid=1791129875.1622383579&ga_sid=1622383581&ga_hid=1351714775&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7596&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21066432%2C31060615%2C31060972%2C31060975%2C44743003&oid=3&pvsid=4090340523540662&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.wtwnv28bcney&btvi=1&fsb=1&dtd=298
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 754C 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1&bust=exp%3D31060975
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a2d325c23e26dc0b7327635f857311164b25e3cb3aee9a1040147666b86f220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7650
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 60A4 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 10:58:21 GMT
expires
Mon, 30 May 2022 10:58:21 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11280
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6E27 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4ff1150e4f3a0813c75efb1677bedc705606aa470ba04442d07cd95156eb41d0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+v98Mk0n82gaff3FDSDybA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=216=b5HE3ysoWaHAsmOFKnFSKgRAPxm6nGwS1oIXPRNL32Ykuoq-3E3BA4iA1WZgcqCc1tOrPIMNZRiS-MqOaD8-U-ynaflQD5W7u6eK2GsORaKn_uh7OkLkHnzdUukSVD-pqMCR8uWmMrmJE8fyDCgw5OXybXyuiICYxujkCJmzxlI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

expires
Sun, 30 May 2021 14:06:21 GMT
date
Sun, 30 May 2021 14:06:21 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-+v98Mk0n82gaff3FDSDybA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 12A6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 10:58:21 GMT
expires
Mon, 30 May 2022 10:58:21 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11280
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9E57 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
66eb27bc477627e82635f4fe9daa8d223e0415566e085ff2a5f238b4455dda8f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AMAHr0FWajpZ66I4aS+N/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=216=b5HE3ysoWaHAsmOFKnFSKgRAPxm6nGwS1oIXPRNL32Ykuoq-3E3BA4iA1WZgcqCc1tOrPIMNZRiS-MqOaD8-U-ynaflQD5W7u6eK2GsORaKn_uh7OkLkHnzdUukSVD-pqMCR8uWmMrmJE8fyDCgw5OXybXyuiICYxujkCJmzxlI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

expires
Sun, 30 May 2021 14:06:21 GMT
date
Sun, 30 May 2021 14:06:21 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-AMAHr0FWajpZ66I4aS+N/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 754C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202105270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1&bust=exp%3D31060975
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:21 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame CE35 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=portal.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-3488053582622085&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=portal.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame CE35 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=portal.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=portal.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CE35 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=portal.correiodopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=portal.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C702 		405 B
224 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488053582622085&output=html&h=280&slotname=4395598142&adk=4288222842&adf=2579204368&pi=t.ma~as.4395598142&w=336&psa=0&format=336x280&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383581670&bpp=3&bdt=139&idt=86&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=3270190933151&frm=8&ife=1&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383582&ga_hid=615227418&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=2393117842&scr_x=-12245933&scr_y=-12245933&eid=44743203&oid=3&pvsid=955214950119609&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.72cmnecup2ig&fsb=1&dtd=103
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=portal.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
715f82f2ac5561a972188c3804b08b134a02ad4536b139ec8af1d010f90efa9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3488053582622085&output=html&h=280&slotname=4395598142&adk=4288222842&adf=2579204368&pi=t.ma~as.4395598142&w=336&psa=0&format=336x280&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622383581670&bpp=3&bdt=139&idt=86&shv=r20210524&cbv=%2Fr20190131&ptt=9&saldr=aa&cookie=ID%3D8efcae9b29c51ba2-221e38b858c800fb%3AT%3D1622383579%3ART%3D1622383579%3AS%3DALNI_Ma6g2YjyqMA0REmBmtJe7fBPDB39A&correlator=3270190933151&frm=8&ife=1&pv=2&ga_vid=1791129875.1622383579&ga_sid=1622383582&ga_hid=615227418&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=2393117842&scr_x=-12245933&scr_y=-12245933&eid=44743203&oid=3&pvsid=955214950119609&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.72cmnecup2ig&fsb=1&dtd=103
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://portal.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmbJ3xf0OqG3CXIjcAy9tIz22BRm5P8JU6rmNuhDoUQOQFIJUMwOqK4F2o3u7U
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.correiodopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 30 May 2021 14:06:21 GMT
server
cafe
content-length
204
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame CE35 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=portal.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028727180027"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:21 GMT
frame.html
ad4mat.net/ Frame 399E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=502:657885ca2cd3c2c2:FRA; path=/; expires=Sun, 30-May-21 14:06:51 GMT cf_use_ob=443; path=/; expires=Sun, 30-May-21 14:06:51 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
657885ca2cd3c2c2-FRA
server
cloudflare
truncated
/ 		368 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43b8924e1838709ed3c11df6d5de135cf72acbc72d0628f5299964dd3ba24aab

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		337 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.647/ins.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be3b48dbe04f652fba8973decb94e84bf9e06fd3b0d0beddfe8859d11ccd7576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117995
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:21 GMT
4bb3571af69d9e6d1841b5ed10e27649b81d675c_240.mp4
vid870.trvdp.com/video/ 		128 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vid870.trvdp.com/video/4bb3571af69d9e6d1841b5ed10e27649b81d675c_240.mp4?Expires=1622469159&Signature=Vvxg4oCaX3auY4HPlZAwplbuIvlrmxFTSB9nHeC1ZNOjlFocqFmW1ZLI2bcSPG~1rAAfYko~8F-UluV9X24wWn3~YFC8VIEWr7CAyLKpY837lDg-vmxsiwmLWhmw59dJ3JZSosxYd0seg6bXqnq-pnnu~8Uy9nJFIVtyzx0ztjNjGwLsqjjB2XHajC~zjEjskrbWlHCIlu2Ffpm6G3Nr191eTXs37CEK4pPT27O1rPKfFQKcYHQrv-yTM48DT1t7Iy31qYQBaLaqE50GkO0Csmjea8wZPMrt8lN7-AnijxSyTUQ8mmOdhSbdCknUr3nWx~r9HSFxvmAia4IOxa86Jg__&Key-Pair-Id=APKAJQPXW35KA6HJKSMQ
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4200:16:9bc3:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.correiodopovo.com.br/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 29 May 2021 18:54:13 GMT
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified
Sat, 29 May 2021 18:49:35 GMT
server
AmazonS3
age
69129
etag
"53997f8666a2101ac1588501a1ddb90f"
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-1702513/1702514
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
Content-Length
1702514
x-amz-cf-id
3ymosxU9Nk19X7tg4DaaDFVIXm8nuZv4DxcWwKlrkXiS_E2DLoM2yA==
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5ED9 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 10:58:21 GMT
expires
Mon, 30 May 2022 10:58:21 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11280
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 929B 		783 B
529 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
917e3b0ca98580fb4957573da5d4ba2759d8561bb1441e7769a7d34f68a07e73
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9M/siTby9TmhuHIMdWnpZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=216=b5HE3ysoWaHAsmOFKnFSKgRAPxm6nGwS1oIXPRNL32Ykuoq-3E3BA4iA1WZgcqCc1tOrPIMNZRiS-MqOaD8-U-ynaflQD5W7u6eK2GsORaKn_uh7OkLkHnzdUukSVD-pqMCR8uWmMrmJE8fyDCgw5OXybXyuiICYxujkCJmzxlI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

expires
Sun, 30 May 2021 14:06:21 GMT
date
Sun, 30 May 2021 14:06:21 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-9M/siTby9TmhuHIMdWnpZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.html
eus.rubiconproject.com/ Frame 461C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.647/ins.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.correiodopovo.com.br/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 May 2021 14:06:21 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Date
Sun, 30 May 2021 14:06:21 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync
pixel.advertising.com/ups/57304/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc&_origin=0&gdpr=1&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESENNRmrvHvNiK7ifCNTVHekg&_origin=0&gdpr=1&gdpr_consent=&nsync=1&google_cver=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/57304/sync?uid=CAESENNRmrvHvNiK7ifCNTVHekg&_origin=0&gdpr=1&gdpr_consent=&nsync=1&google_cver=1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.106.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-106-231.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.advertising.com/ups/57304/sync?uid=CAESENNRmrvHvNiK7ifCNTVHekg&_origin=0&gdpr=1&gdpr_consent=&nsync=1&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
346
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=I86RUkNmNJk5eY7N/bPzXYCybzMjB+7opVWw5UkaLl2hntihCeTxUn4ZgFyW0U2ceXwIDAo6YUINYIymBz+1w/DDuZ/PG1lTLxOTwiVmyuNFDFrlGcApLeFz7ZkpTviw38BF+fq5OX+NBuMutnIcryw6NmvKFl8+xcDDqAy/rOzbCssTHAQMFf9VT/pvZlQ+txJL05aZVh9UdHlFLncx/g9DyQ5Zsqq9CCfrQra+ryw+fyc3Kabd6/l09XWoUM0PBv09sL8AolLPr77IGdf28Q==
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.32.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
server
nginx/1.6.2
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 31 May 2021 14:06:21 GMT
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4bb3571af69d9e6d1841b5ed10e27649b81d675c_2.jpg
vid870.trvdp.com/images/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid870.trvdp.com/images/4bb3571af69d9e6d1841b5ed10e27649b81d675c_2.jpg?Expires=1622469159&Signature=B1xIRQ5u5tTi1OKbVhOsb3Vk6nFm7BKYeUVlGbgv4QCzgyAZtsimy5v8od6C4TfIp8jNu5ii1IcDM-c0phdxz5bb5CMKJT9pD6FuyGBkUl8s9~X~E6~R42owshCUa33mHTZu-p3d240z6NgjNdDjmSKWysFMUUH~nAeUiqLhjBdTV3rYuxxwymhh~y3nOtCyAD7HiQStIv5C5zeCgEfdbqj8reradyQykE4BOS-LtQ~IGD6UPFLU8gRyPtFeP1doomTcUZxt83JzchS37Bg7RNySOea4-KNNDfd0wCNCrQo8u-Wuwh1dYcjna1APyrqZ3pKhUw~BAhVp~sEvW2NfVw__&Key-Pair-Id=APKAJQPXW35KA6HJKSMQ
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4200:16:9bc3:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b49264f234d7237e59604a5238e76d79a3dbbda3fd7c2678faa34e2e35a74a9c

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 18:54:13 GMT
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
last-modified
Sat, 29 May 2021 18:49:35 GMT
server
AmazonS3
age
69129
etag
"7c4f23777a5724b51bae59d19d3b74e8"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
90217
x-amz-cf-id
A89a8KmEsAjyVWmUUKtU-hjRxZLS3wt0IvqGatveaxU52MtSUBjRUw==
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame 60A4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:48:49 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
11852
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 10:48:49 GMT
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame 12A6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:48:49 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
11852
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 10:48:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E86 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=1248722756&adf=3151382137&str=true&ad_y=8450.78125&vph=1200&r_nh=0&qid=CJah1OjJ8fACFZf57QodJzIKfg&w=336&h=280&nh=0&rsz=%7C%7CE%7C&abl=CS&frsz=false&err=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CE35 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=portal.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3f01368cb693202ac37927a7c80ea4df5d065b0e3d5509b94f51bac66936adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8164
x-xss-protection
0
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame 5ED9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:48:49 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
11852
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 10:48:49 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CE35 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=portal.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:21 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2E86 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
593c7304278474fa6e76b1311e99a4a98766da62a4d22af102cfb79bb010f6e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8106
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3C04 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://portal.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 10:58:21 GMT
expires
Mon, 30 May 2022 10:58:21 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11281
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F3D5 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f3c22c1a15f4967911575778098fcd4b36055b8f04214df80b6d72949de9af91
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xXayJGvzkT2LIHkr+Jv3Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://portal.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=216=b5HE3ysoWaHAsmOFKnFSKgRAPxm6nGwS1oIXPRNL32Ykuoq-3E3BA4iA1WZgcqCc1tOrPIMNZRiS-MqOaD8-U-ynaflQD5W7u6eK2GsORaKn_uh7OkLkHnzdUukSVD-pqMCR8uWmMrmJE8fyDCgw5OXybXyuiICYxujkCJmzxlI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://portal.correiodopovo.com.br/

Response headers

expires
Sun, 30 May 2021 14:06:22 GMT
date
Sun, 30 May 2021 14:06:22 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-xXayJGvzkT2LIHkr+Jv3Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 31 May 2021 14:06:22 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2E86 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:22 GMT
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 8591
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6fb7a77a-55d4-4f0a-9ee6-f395629e574c
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6fb7a77a-55d4-4f0a-9ee6-f395629e574c&tbid=8b8b2922-d01c-4f92-9f1d-668f070eceb4-tuct7ad215e&query=taboola_hm%3D6fb7a77a-55d4-...
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6fb7a77a-55d4-4f0a-9ee6-f395629e574c&tbid=8b8b2922-d01c-4f92-9f1d-668f070eceb4-tuct7ad215e&query=taboola_hm%3D6fb7a77a-55d4-4f0a-9ee6-f395629e574c&isDirect=0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
via
1.1 varnish
server
nginx
x-timer
S1622383583.587344,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11578-HHN

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6fb7a77a-55d4-4f0a-9ee6-f395629e574c&tbid=8b8b2922-d01c-4f92-9f1d-668f070eceb4-tuct7ad215e&query=taboola_hm%3D6fb7a77a-55d4-4f0a-9ee6-f395629e574c&isDirect=0
tbl-x-upstream
10.41.22.181:10213
date
Sun, 30 May 2021 14:06:22 GMT
server
nginx
x-fastly-to-nlb-rtt
27889
sd
u.openx.net/w/1.0/ Frame 8591
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&gdpr=0&gdpr_consent=
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&gdpr=0&gdpr_consent=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:22 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&gdpr=0&gdpr_consent=
date
Sun, 30 May 2021 14:06:22 GMT
via
1.1 google
server
OXGW/16.207.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sync.php
pixel.rubiconproject.com/exchange/ Frame 8591 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif
rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame 8591
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=62c25d4d-6ab1-5296-a303-8f7fc3b014a1
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=62c25d4d-6ab1-5296-a303-8f7fc3b014a1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Sun, 30 May 2021 14:06:22 GMT
server
nginx
x-fastly-to-nlb-rtt
26551

Redirect headers

location
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=62c25d4d-6ab1-5296-a303-8f7fc3b014a1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
101956
jadserve.postrelease.com/suid/ Frame 8591 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.172.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:22 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 8591
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=DBMwoTZ1rXD5&ev=1&orig=trc&pid=562107
0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=DBMwoTZ1rXD5&ev=1&orig=trc&pid=562107
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Sun, 30 May 2021 14:06:22 GMT
server
nginx
x-fastly-to-nlb-rtt
27178

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=DBMwoTZ1rXD5&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-555c8fd69d-hvbcr
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 8591
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=9193771210727202567&orig=trc
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=9193771210727202567&orig=trc
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Sun, 30 May 2021 14:06:22 GMT
server
nginx
x-fastly-to-nlb-rtt
22243

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:22 GMT
X-Proxy-Origin
185.236.42.202; 185.236.42.202; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.140:80
AN-X-Request-Uuid
19c5d382-e144-43a4-87b2-9531dc3d5ea6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=9193771210727202567&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 8591
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEFYMOBZiuCRp3AW9zfdiI9s&google_cver=1
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEFYMOBZiuCRp3AW9zfdiI9s&google_cver=1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
52
date
Sun, 30 May 2021 14:06:22 GMT
via
1.1 varnish
server
nginx
x-timer
S1622383582.263518,VS0,VE52
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11578-HHN

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEFYMOBZiuCRp3AW9zfdiI9s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8591 		42 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b:$UID
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:668
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 8591
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=8b8b2922-d01c-4f92-9f1d-668f070eceb4-tuct7ad215e
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=8b8b2922-d01c-4f92-9f1d-668f070eceb4-tuct7ad215e
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=8b8b2922-d01c-4f92-9f1d-668f070eceb4-tuct7ad215e
tbl-x-upstream
10.41.14.57:10213
date
Sun, 30 May 2021 14:06:22 GMT
server
nginx
x-fastly-to-nlb-rtt
22249
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 8591
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ada1d640-8e19-452d-b3d5-eb8afa5093a0
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ada1d640-8e19-452d-b3d5-eb8afa5093a0
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
51
date
Sun, 30 May 2021 14:06:22 GMT
via
1.1 varnish
server
nginx
x-timer
S1622383582.382136,VS0,VE51
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11578-HHN

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:22 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=ada1d640-8e19-452d-b3d5-eb8afa5093a0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 8591 		43 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&us_privacy=&gdpr=0&gdpr_consent=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:22 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 8591 		49 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-stage-0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 8591 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&gdpr=0&gdpr_consent=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:22 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 8591 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:21 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 8591
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7065b4f9-4577-43b5-873a-e399e77ca1f9
0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7065b4f9-4577-43b5-873a-e399e77ca1f9
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Sun, 30 May 2021 14:06:22 GMT
server
nginx
x-fastly-to-nlb-rtt
26551

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Sun, 30 May 2021 14:06:22 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7065b4f9-4577-43b5-873a-e399e77ca1f9
cache-control
no-cache
server-processing-duration-in-ticks
16591
content-type
text/html; charset=utf-8
content-length
222
expires
Sun, 30 May 2021 00:00:00 GMT
check
pixel.tapad.com/idsync/ex/push/ Frame 8591
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOJ-NxumCvhGdTshYL-41U9Uic7VyP5IGHDrGncA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOJ-NxumCvhGdTshYL-41U9Uic7VyP5IGHDrGncA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=b24f97d0-40d1-47c3-864f-924cee95ae34&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENYRg1yuR8W7rTRXFBtqMZw&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESENYRg1yuR8W7rTRXFBtqM...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=9082936966882120102&opid=apx&ops=&utidl=tech:goo:CAESENYRg1yuR8W7rTRXFBtqMZw&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17773897474&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/4/4.gif?puid=d48598aabcc7a69ae8570ef7eb7ff19e&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/3/5.gif?puid=cae170d1-8205-4829-a8fd-0ef7bf6de4c0&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
0
0
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 8591
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ZvfuOFmiC1CPLR1S35uzYA
0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ZvfuOFmiC1CPLR1S35uzYA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Sun, 30 May 2021 14:06:23 GMT
server
nginx
x-fastly-to-nlb-rtt
25536

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ZvfuOFmiC1CPLR1S35uzYA
date
Sun, 30 May 2021 14:06:23 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 8591 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Sun, 30 May 2021 14:06:16 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 8591
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2de430ef-b1b9-4f5d-9a77-c0b534508b15&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4a1dbdbc-7e80-4d01-a13a-7ea5b2c858de
0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4a1dbdbc-7e80-4d01-a13a-7ea5b2c858de
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Sun, 30 May 2021 14:06:25 GMT
server
nginx
x-fastly-to-nlb-rtt
25119

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4a1dbdbc-7e80-4d01-a13a-7ea5b2c858de
date
Sun, 30 May 2021 14:06:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cds.js
cdn.taboola.com/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210530-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qAC_83v.ruQxT.EBjAF212Y3Xw1cEshk
content-encoding
gzip
etag
"fe3141b1cffc47b284c82d96b098b304"
age
3520
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1181
x-amz-id-2
i42wDgzNjIRrbICyL56uZvk6UZlXA/ux6CF8Z618XGeUERc/82YlIPnWpu43Ye2+Lpy0hY5jQx0=
x-served-by
cache-hhn11578-HHN
last-modified
Wed, 10 Mar 2021 13:27:13 GMT
server
AmazonS3
x-timer
S1622383582.147627,VS0,VE0
date
Sun, 30 May 2021 14:06:22 GMT
vary
Accept-Encoding
x-amz-request-id
8G72GPESSN3T79N7
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
27
x-cache-hits
53147
usync.js
eus.rubiconproject.com/ Frame 461C 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
60b100d1ecb1610c2e3e15e322549a5b0902d5b611bea2dd2369159566efe5d5

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:06:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 19:07:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=9560
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9267
Expires
Sun, 30 May 2021 16:45:42 GMT
container.html
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0A36 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 30 May 2021 14:06:20 GMT
expires
Mon, 30 May 2022 14:06:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 9936 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 10:58:21 GMT
expires
Mon, 30 May 2022 10:58:21 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11281
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F9E2 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
80978af32a775f5c0360c985b93663e2d612a84f0df2d82782cb0971b41f4f0e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-r17fu+xRzyDSYE2wVl+NyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=216=b5HE3ysoWaHAsmOFKnFSKgRAPxm6nGwS1oIXPRNL32Ykuoq-3E3BA4iA1WZgcqCc1tOrPIMNZRiS-MqOaD8-U-ynaflQD5W7u6eK2GsORaKn_uh7OkLkHnzdUukSVD-pqMCR8uWmMrmJE8fyDCgw5OXybXyuiICYxujkCJmzxlI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

expires
Sun, 30 May 2021 14:06:22 GMT
date
Sun, 30 May 2021 14:06:22 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-r17fu+xRzyDSYE2wVl+NyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6CC7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 30 May 2021 14:06:20 GMT
expires
Mon, 30 May 2022 14:06:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F270 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 30 May 2021 14:06:20 GMT
expires
Mon, 30 May 2022 14:06:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0609 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 30 May 2021 14:06:20 GMT
expires
Mon, 30 May 2022 14:06:20 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ 		262 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
t1.taboola.com/ 		2 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t1.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.202 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6856c5a3a26b5a3f2ead70ca56870769d1fee88f9c457f4360812f2203565824

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
last-modified
Sun, 24 Jan 2021 15:03:23 GMT
server
nginx
etag
"600d8c3b-2"
content-type
text/html
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t2.taboola.com/ 		2 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t2.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.236 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
40f2b6e9b169afed3838d9ac668af7378d77ec312ca2a1f2532eb10a6263ab70

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
last-modified
Sun, 24 Jan 2021 15:03:13 GMT
server
nginx
etag
"600d8c31-2"
content-type
text/html
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t3.taboola.com/ 		2 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t3.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.204 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
489f68fbabbda7aef5b332609440295a01305b3c967e1fd039f94d091388a766

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
last-modified
Sun, 24 Jan 2021 15:03:23 GMT
server
nginx
etag
"600d8c3b-2"
content-type
text/html
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t4.taboola.com/ 		2 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t4.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.225 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6f4b6612125fb3a0daecd2799dfd6c9c299424fd920f9b308110a2c1fbd8f443

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
last-modified
Sun, 24 Jan 2021 15:03:13 GMT
server
nginx
etag
"600d8c31-2"
content-type
text/html
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t5.taboola.com/ 		2 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t5.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.210 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6b51d431df5d7f141cbececcf79edf3dd861c3b4069f0b11661a3eefacbba918

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
last-modified
Sun, 24 Jan 2021 15:03:16 GMT
server
nginx
etag
"600d8c34-2"
content-type
text/html
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t6.taboola.com/ 		2 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t6.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.240 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
624b60c58c9d8bfb6ff1886c2fd605d2adeb6ea4da576068201b6c6958ce93f4

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
last-modified
Sun, 24 Jan 2021 15:03:13 GMT
server
nginx
etag
"600d8c31-2"
content-type
text/html
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t7.taboola.com/ 		2 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t7.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.194 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a953f09a1b6b6725b81956e9ad0b1eb49e3ad40004c04307ef8af6246a054116

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
last-modified
Sun, 24 Jan 2021 15:03:23 GMT
server
nginx
etag
"600d8c3b-2"
content-type
text/html
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t8.taboola.com/ 		2 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t8.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.198 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
aacd834b5cdc64a329e27649143406dd068306542988dfc250d6184745894849

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
last-modified
Sun, 24 Jan 2021 15:03:23 GMT
server
nginx
etag
"600d8c3b-2"
content-type
text/html
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-store
accept-ranges
bytes
content-length
2
/
pips.taboola.com/ 		64 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19127-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www.correiodopovo.com.br
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
khaos.jpg
token.rubiconproject.com/ Frame 461C 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
adview
securepubads.g.doubleclick.net/pagead/ Frame 0A36 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwqFk3JuzYIfOFaan3gO-tLOgCYHApP1ilMSf7a0OspXItrQQEAEgqtOMaGDxlZKG2B-gAamtkOwDyAECqQLF2fe0IimAPuACAKgDAcgDmQSqBOMBT9CXRT5BhcfcNjIDnTedjqONpAIKK-R4ls_a47-TEISrCz71FQJ-2FW3il_Rn9uuUitJTf8lLWzXSIi-EPz9H8_-kQjnOwyXdGEXgXA_406Q7jAyxgTEp3BQmpk2MaBjwlcaFOgwNtyM21H-ydHgTNEq_xvJCN_1Onlb6sJlj_AIS4TBAgIPtHcyveBQq3mHAsp0ZhyqDpTOp__lSuaavpU4g_nOLvMc_PcsAdkUXiQPlBv-1rEgjZz4F9xNac_KJPDpcMpVvqocdBNnQYcG5fFjORGNGWLXcxGvmxK0MPTobAvABKqMzca3A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAe_0u8TqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOCCD9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjIwMzQxOTk1MTQzMTkxMoAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi04MTcwOTY2NTM4MTUyNTQz&sigh=dsJPjLjZEKk
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 0A36 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
8821855511435206686
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:03:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 0A36 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:02:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0A36 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 0A36 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:03:51 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 0A36 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a656137c96d7c5550298220b3583603d6342a582bb53251bdcc52dace3716d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10532
x-xss-protection
0
server
cafe
etag
13485069350837860933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 13:06:46 GMT
3011699606278161747
tpc.googlesyndication.com/simgad/ Frame 0A36 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3011699606278161747?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkXs65ZgisPXo9Padq2v0l53c8q4Q
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
064c8e686adbe696ff37163795f9c21c79cc74dd187981ed23b9169a3eb4cbb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 08:07:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 08:19:47 GMT
server
sffe
age
194316
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58386
x-xss-protection
0
expires
Sat, 28 May 2022 08:07:46 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6CC7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CljwV3JuzYIjOFaan3gO-tLOgCYHApP1ilMSf7a0OspXItrQQEAEgqtOMaGDxlZKG2B-gAamtkOwDyAECqQLF2fe0IimAPuACAKgDAcgDmQSqBOYBT9D5qkJ5dd34TELaxAQEGm_tzbnzB59j64imx63bYvokK0bxBSJuk6V1t1gyHrp_oYtPj1m6hm4oNooi1P4fin9X0Fx3goAoZ86jS1nRGRoBsoCVDQsAqK7MyfF7VfHAi1_wEYUTORU5LihyC9c7ZpLECf3jBBTfHjok92Uu1JXxEhkSHq2rmIbKEr8dbQVMuvZBwyXQ-KaMM2JsRuvDYNm53-LnvqtKEJKr-0tiVncMFH9rLiXzn4HyYZFofXWrpuBxRU8ycd4HtjiriKMf8CKyiwrjRUJRcpfTxJQvMYxOH5RlsVvABKqMzca3A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAe_0u8TqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEENHsCtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjIwMzQxOTk1MTQzMTkxMoAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi04MTcwOTY2NTM4MTUyNTQz&sigh=c5_ugiZty_o
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
3011699606278161747
tpc.googlesyndication.com/simgad/ Frame 6CC7 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3011699606278161747?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkXs65ZgisPXo9Padq2v0l53c8q4Q
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
064c8e686adbe696ff37163795f9c21c79cc74dd187981ed23b9169a3eb4cbb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 08:07:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 08:19:47 GMT
server
sffe
age
194316
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58386
x-xss-protection
0
expires
Sat, 28 May 2022 08:07:46 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 6CC7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
8821855511435206686
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:03:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 6CC7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:02:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6CC7 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 6CC7 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:03:51 GMT
l
www.google.com/ads/measurement/ Frame 6CC7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZzyfssnucSfaWS7zBaSZr2VRyr0TQ0tVyNKIYYp0AUOpcxFs1ZMYORfwUhuRHrv8QPAEf04egYh6kvK6WldHC3_vaBg
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 6CC7 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a656137c96d7c5550298220b3583603d6342a582bb53251bdcc52dace3716d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10532
x-xss-protection
0
server
cafe
etag
13485069350837860933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 13:06:46 GMT
index_970x250.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/ Frame 4D8D 		205 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc546538134467f1fe17c8e585441fe3dc8c046b5d96be7958771746cbd90d63
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 27 May 2021 04:33:13 GMT
expires
Fri, 27 May 2022 04:33:13 GMT
last-modified
Thu, 20 May 2021 08:29:49 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
67656
age
293589
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame F270 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkOLv3JuzYInOFaan3gO-tLOgCenE7sxi4_PkoPgN4dKDz4EKEAEgqtOMaGDxlZKG2B-gAYWp9cwCyAEJ4AIAqAMByAMIqgTpAU_QyY-c6tnAcCQj7OUzK1O3OANF57nH8rpLdBKGsGsGYxj6CuE7Bv9iyNIT5NKDWqymfe2247TRyfZbaHbhwYHvRtieHXfvCuCprOkU2xuX-618P8sSnG1BwEr_kp81XbRNP62i4BSy3_Rix263Fjdrn75BZtZi11ezjLNsvXE7VWpnkxYd56n0IEMXbIEcmmEcjFVkoW50B1KC7yDNv52vTG8l173Xy5oQZXHGlJaijAT8bVnkG3yx7v0a42kbWinWlN8CtEWBinBbiAGHLcitWZw2uWE8l934a3LK6szgYxPDDvIV0AqGwAS6u4muywPgBAGSBQQIBBgBkgUECAUYBKAGLoAH49aKswGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQnrkF0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02MjAzNDE5OTUxNDMxOTEygAoDyAsB2BMN0BUBgBcBshcaChgIABIUcHViLTgxNzA5NjY1MzgxNTI1NDM&sigh=hNbsxpgDHmg&template_id=419
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame F270 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
8821855511435206686
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:03:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame F270 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:02:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F270 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame F270 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:03:51 GMT
l
www.google.com/ads/measurement/ Frame F270 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9R8C1tufjLDvqHVfvtHSdDw8dxrE4sFWrWVGr_Tskj5LmSbSgThRHZA-lsr-rxRZ7cUw7zcmolM18lbWGIkAX2ai9Iw
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 31 May 2021 14:06:22 GMT
css
fonts.googleapis.com/ Frame 0609 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 13:22:25 GMT
server
ESF
date
Sun, 30 May 2021 14:06:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 14:06:22 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 0609 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:03:48 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0609 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrQKG3JuzYIrOFaan3gO-tLOgCbXYlPVi3sn5o_ANsIq1rNkiEAEgqtOMaGDxlZKG2B-gAY2VhMkDyAEBqQLF2fe0IimAPuACAKgDAaoE5QFP0NTxMEbjz22v9hWLpbyYTaENug6ypa89d9M8C3YTlOz_CEP7NYSBoq-z6_TxEGYjsh7QihMOq0KCkpOOqr9EZsZa-5flaXpQY0sqy31HAlURjIOdPWkw7ETCJNWUejAMYcT07ya87uR2OhcN3BuxU74zOkyb9QLSpSiXlFNtUyp45LpfbM676UJ-2Q2aww9prqgPdnm2qhxG2x-achYRG1VA_IG1vnrJUB1vSJHohPjq3Jhf6xxwFFQ-X3Ap94dvYWSMTCeKdYekdTLpwaWaaQt93cctOaYX-ZnUnb0nXaxVXm2AwATuwbWqvwPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH2-r7NqgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDevSHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTYyMDM0MTk5NTE0MzE5MTKACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItODE3MDk2NjUzODE1MjU0Mw&sigh=yQs9XdSl_mg&template_id=5001
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 0609 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
8821855511435206686
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:03:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 0609 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:02:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0609 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1622028738751036"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37763
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 0609 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 13 Jun 2021 14:03:51 GMT
7d9aee27bee51cf015d1b4a8dc2025e1.js
www.gstatic.com/mysidia/ Frame 0609 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7d9aee27bee51cf015d1b4a8dc2025e1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 06:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 17:49:14 GMT
server
sffe
age
25924
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10414
x-xss-protection
0
expires
Sat, 28 Aug 2021 06:54:18 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/15063291065768085095/ Frame 0609 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15063291065768085095/downsize_200k_v1?w=100&h=100
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d27b6d403bf1ecd3fbc68a5f1e512b619ab84792d927dd6d1c43669873613825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 04:54:48 GMT
x-content-type-options
nosniff
age
205894
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2499
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 07:54:57 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 May 2022 04:54:48 GMT
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame 3C04 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:48:49 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
11853
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 10:48:49 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 51D1 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUn29Kzwoh81a4jGxvWKhV8P0pzhbxn6EB4fbqEeDZL8duKsiBnKKvOx3KL6M8s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 30 May 2021 13:29:20 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2222
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 721A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 30 May 2021 03:14:09 GMT
expires
Mon, 31 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
39133
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0A36 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb1b3ae9c432c1118b34c118066c8483924a212175762f5c0dbc89edd70df10f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:34 GMT
server
nginx
etag
W/"60a5fdd2-14a5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 31 May 2021 14:06:22 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame AC40 		143 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 30 May 2021 13:29:20 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2222
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 603C 		1 KB
865 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 30 May 2021 06:38:34 GMT
expires
Mon, 31 May 2021 06:38:34 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
26868
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6CC7 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af4d80a8089645c37cfb87c14ac2102a7d0a05646953be0b7f5fb7c13361a184

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4D8D 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 03:57:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36561
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 31 May 2021 03:57:01 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4D8D 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 18:54:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 30 May 2021 18:54:40 GMT
image-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/ Frame 4D8D 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/image-1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58a2da1badb87d8a8f138ad06f31a8c9b67f791738cfa1ae755fe4f054061a9e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
270691
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12903
x-xss-protection
0
last-modified
Thu, 20 May 2021 08:29:49 GMT
server
sffe
date
Thu, 27 May 2021 10:54:51 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 May 2022 10:54:51 GMT
image-2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/ Frame 4D8D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/image-2.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
247dd94769bee5c85d3c04cf663c1f14320f0173fa82a9843cb034aaa117efb6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
270691
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6114
x-xss-protection
0
last-modified
Thu, 20 May 2021 08:29:49 GMT
server
sffe
date
Thu, 27 May 2021 10:54:51 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 May 2022 10:54:51 GMT
image-3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/ Frame 4D8D 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/image-3.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1f48adf50ca985b6bde8b82bd9c567c313b38267ff0f16b7b7d6e61c9fe9644
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
270691
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8468
x-xss-protection
0
last-modified
Thu, 20 May 2021 08:29:49 GMT
server
sffe
date
Thu, 27 May 2021 10:54:51 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 May 2022 10:54:51 GMT
image-4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/ Frame 4D8D 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/image-4.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb33c676767ae63aa8bf20827c88ea4eeffd617f1bbb46ab2285803862f76572
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
270691
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10026
x-xss-protection
0
last-modified
Thu, 20 May 2021 08:29:49 GMT
server
sffe
date
Thu, 27 May 2021 10:54:51 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 May 2022 10:54:51 GMT
image-5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/ Frame 4D8D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/image-5.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd1804a655274f2d41aaa315e3fac8c09135cd1f2f8e75ba2b00bebe9bcad575
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
270691
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
last-modified
Thu, 20 May 2021 08:29:49 GMT
server
sffe
date
Thu, 27 May 2021 10:54:51 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 May 2022 10:54:51 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E3BC 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 30 May 2021 13:29:20 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2222
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F270 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ab51899c4c7bd902e2a2343d1d368b37d39a02e75c0f941154d35f86ffb3cd2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9C0C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 30 May 2021 13:29:20 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2222
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4583 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 30 May 2021 03:14:09 GMT
expires
Mon, 31 May 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
39133
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0609 		222 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5650acd82e1b95792dcaecd60560958b521642b140f79eddc1c63ae8873409d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame 9936 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:48:49 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
11853
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 10:48:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 18AF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=2134478980739847&bg=!gYKlgsbNAAaMan2LjGo7ACkAdvg8WtCicQ70ALLuf7qyP13P2zE2km9TC_BrD5s8d-O7vPRlEP3w3QIAAAH0UgAAAH5oAQcKAGwptrLWXsaxYj3Yx_F6Qaxl5YE8P_W9-D_LOIfuZybw2tN7ta19Zo58sG3d7CK8KpE8OypD-KEGwckvA7ROoAwJflnp53SelhK3z00vUHjo9oVtwcsVEI6Kdgn-qEcfzeynhTIK_EjIZvs0tjWZAoeynKgPHikRfrCPzewKBjEHU5fRMT3udOqcADWubNO-LvCOZ2Vxw5a5Up1oCcPota1OqFEJeZxObcEgMCAxOKIE27e6D11Fma2JoWGqzMB2_Uai546r3QDY4J0Df2V0iBiSw_QmYUhWyw6Z_ZMsa-XHnElXsXXaWkly7UNp3qa6OR8AeCSYsXsHhEi8suNN0PWMtAYEXH6g2-MDudDQxoVLCDIAhYU1chuPd4iw5jxThXPKEqjUkbUUU4Jg4HFQnAmOC4R8ZuyokYzXkgyFtXGU10v3ibupFfpoa5RA-kuklCmY8zagYAjacDbWDMk0-lQ5X3LWbhceTHaeQd0_TLhb1etkUmO20B9eZJUG_kGpoRxIT529gEil0toYjmb-oMtlDtkvG9vEROagKbTQoAeHiOsC6zzmBAqnspDkdUZbZMDCxLzyL-TAyz5lb9GthgsbFzM5xajCherIkYb8dIK_-KzQe_1t5-e6EakwVxd7bCbLdhCnfCRdKqTigNfrNArgrbHowKKnqoizRkK0BMJHuWsz5HS-tc_3JFy-ouC5VgZh3hJuvUv0cvHGQQ84DVTxgM9ZHfh4y8JpMLnIf2L8lGvOzuGvHh0DSInPJjxS2OffkiY_nPFZxS0QuNCyEsG-zeA0PYZ0r-Wu4vJmAC3BzVPFnluy2uURsrgf3DW-o40BBjuCP4yX668DmDt-lz1VCbKi8YC5yJdy4KWl6pbh9lVsRdIS0WcKyQaK9ZKxRXSV1XvegP6xOLgRmHSI4_bu4G9gXZtdu-MV8gTsfsum3OkParL7p-502F2IVxWoxnkIv9bPSxgHxuUStp2yO1c7ZZonZkJ2R9qm-fhJZzoN4v3PHWoY-w
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 0609 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
14564
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Mon, 30 May 2022 10:03:38 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 0609 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:13:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
186775
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Sat, 28 May 2022 10:13:27 GMT
css
fonts.googleapis.com/ Frame 4D8D 		2 KB
645 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&subset=latin
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6703470307412726278/970x250/index_970x250.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 30 May 2021 13:04:06 GMT
server
ESF
date
Sun, 30 May 2021 14:06:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 May 2021 14:06:22 GMT
truncated
/ Frame 4D8D 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34e7f14f851cc76f658c5fc0673759576b14e57659145f186d037306c340b7f8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ Frame 90E9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=21896743984662&bg=!yMuly4_NAAaMan2LjGo7ACkAdvg8Wgedm5VuEAmebYVEHgxO7OJWs3eJzo2kYHjjY8CCr_Icg-K6ZgIAAAI1UgAAAI1oAQcKAHS8j9UuRHbuNp-q-FPqvDU8ml8f_Xujday7Bl0tCW1ksjBay_sQRKPDAQbjAbdfRQrcKI_YOqX6BI0goWTCZP16tENOhAZzdK24ESpQAttDfqhi18i5k2fG3xgsUXdoRKe496L8c5Kl0g5JFl4MXNVmgJo835kCY201lEHKrZViCE6lUhrm-6IQKzYd1vOYVMfrq9saElnPRENZFxPaFlNTVyqnrsNbMPBNwY1kjDSXFM4RphHvH9KZgaKym4H5lbMhTM3isIq5pKp3iK0Dz0WBqACrfFHdWBf98-bD-4dQRB6P08OxYplRUgrCNHE9c9yuc9l2LRJ6LZqWqKzC-dx4Cy91ugdamNoCRP5-Cgpanyn1tI4Sw8ml5zG8ey3FlrJ9NGYWer1oTIrMdx5R2Lb1zg6BNmU-5uvcFW-7DC2_MsCCOpa2MxQcjSr24s8DJPcJvsK5oPeGMRlPYknZrE088udnTMBlgg9fOEkWzjACO9aISVnu6t22yzwFSkJMQ7Rm59RHa_8rkCI1fNeTyqre9NEksV2rqCM6G7tu6Dl1DWTsercpWL1pbVthh56W42Q0cCzkpQVdS6fhiruYU6qotlbspqF4G-LvftFu7FBt6Rv5WMqL5dxKLSwDIpeXhAKiV3IFs_0LboLUkuI3H8jMllPC7L4AmmhlZPALI-O2QeKwyZ_r4gbX9wRNGIMyjL24n9uMXM_gK8y31BEmu2olpwIKEF4JgyDSc_mpba7RCUdhUtiOZcgeMDVAIxpKn4mSzONtSqsLs0MFKZzwzJmQ9h7GCfSoUDzasPggxBzNV9MnW_BOZ5gM42Ts5RpyrBDuZstNRIPyRw4NappgpcZ-H4kVWFvxOCTCPdfckz_XsVwjNqm8MPLu4r30sNfTk2rswT2fxf5XDJkYBAJ_FblFO3A7jf19bx9Zc-nTshIX9kCJAJN5Sci50wW7WjiQdC6iduK_v1TuLmWJ
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 4D8D 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a03d2ecca41279eeac9eb9cbffc4dc85c7d65e649ebc4c11a0bc5180eb5d3842

Request headers

Origin
null
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
truncated
/ Frame 4D8D 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
154d007e55175b36c38a1058f3d5c8a91c6eab77fd0b3526cc951fde4db74d0c

Request headers

Origin
null
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-opentype;charset=utf-8
log_event
www.youtube.com/youtubei/v1/ Frame 4CD1 		28 B
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/K5WccSrxzpQ?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
X-YouTube-Client-Version
1.20210526.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtXRlo2WlNaUEprcyjbt86FBg%3D%3D
X-YouTube-Ad-Signals
dt=1622383580585&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKr_a48ZieyZU7ht_ucLkMInPs-L1p6GgypzPSginWQemgxEziXdAlxi-QIuzo188hxTglKEypRKM2fYUIpQ-Qm_Q0Pm9g

Response headers

date
Sun, 30 May 2021 14:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 754C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=4090340523540662&bg=!i4iliMzNAAaMan2LjGo7ACkAdvg8WkYbBYy0WbhFCdqZuPspF9gN0KOsRJtOr_ltSIOi6sYtGhT1lAIAAAJCUgAAAJloAQcKABbEOhNt-zH9KBYxkILvpAEkQJtKhrlbmQJpSzltxSmq2Rkmj8PpKUqCiwKOdiJMMGTIgKffBpfgckS8pRziZc1tqs4xPgn1znF_QAiz64h0josAhmVRCFBGatNILeVmwBrhi2c1E6zeg-hCcd41v0y8sZABsthc-wsupcnDkaU3BzTKatO6V0xueOWgZ7LrbvLxzlxdRdIwK-TrSlpOnzyvtSEDtKpXaTOy8uASX2E2p2okPILd71oCzNY3oMM9KoxwX3ykkAWZzBQ24jRE1608PQH55-YgGLx-hUkxdEX-tM1vFTxsJ6VG4GTkrpTn_1OFdBwjRmhsakME1QyfgqrFkmmastf9TVgVSh1iARwe6UforzjMrUvg7WWBWy-gSEvQWz4nAKtaG7ZRHXBrudWVS61NnPANGfhnHmVnmJJOvuuG62zQ3llEGOd6U0vCGNlcxenH4CVDPvezD7Y4L_PrN0qVO6B6jR_a4vxoCQ183II8Cw-9dhGKOhB0Rpqf-kjVoO537enjhbuMpiTyTrVCdkQP6Yoaiks6C5nB3fyzU9hQIK5xm0Xvlb9EjxSepat4vBvvFYMueJ_pEl4_oue3SJGZg4XU1QxkNjpGdiwNjdSwR-iQubVYuph7KBXfhlmicwTkWKgsCsPCmBXsB2l_K4BVoAsi9bhnaem_dgI1abTIiy0PlJMVo_-9Y1ZxY8Ydp57UrNGaJhKSCFacY8ffGropNCm3mjdGBdVts6RjQe8Kwo1kbCaBs5bVYBbQyNx9V2xOipUPsYOTA_aFBS5ErqC5yvJlNUDTG6IsEecaHagQrdMnv9DPtcOeSaZVgU0_Vm-vtY-anKLPIKD7z3mc1Gc
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 4D8D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
492662
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 24 May 2022 21:15:20 GMT
/
google2waycm.netmng.com/cm/ Frame 721A 		0
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 721A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENOKKL7-OCjICctkNdtz9xc&google_cver=1&google_push=AQvitUIkJDnJIZbRl1-DrnLJ4qiP82XudPreo2EXOn5036pW6Hn86o-NbRy7KU9-ds-imBYVQJ6n6vRciN_rXNlTEJ3YuUr5hPuY
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYxNDYwOTk0NDM5NTIyMzM2MQ==
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=MzYxNDYwOTk0NDM5NTIyMzM2MQ==&google_tc=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECCJsO1CoL04zX3RnbiaH14&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECCJsO1CoL04zX3RnbiaH14&google_cver=1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECCJsO1CoL04zX3RnbiaH14&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 721A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAITsZipECJF9ZVlMFoA9fg&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAITsZipECJF9ZVlMFoA9fg&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=amNzRHFnZ3AxTE5tNTk1&google_gid=CAESEAITsZipECJF9ZVlMFoA9fg&google_cver=1&google_push=AQvitUJPsT9COPGcUtpAHk87j3jYgJlQM47D7fT3pk8sAvv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=amNzRHFnZ3AxTE5tNTk1&google_gid=CAESEAITsZipECJF9ZVlMFoA9fg&google_cver=1&google_push=AQvitUJPsT9COPGcUtpAHk87j3jYgJlQM47D7fT3pk8sAvvuptyEMyD8hH3DUj1i-cF9o6gqnbnkoZPOVyVrnQCiCjmLPm5_1mA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:22 GMT
Server
PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-077182e85f3323570@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=amNzRHFnZ3AxTE5tNTk1&google_gid=CAESEAITsZipECJF9ZVlMFoA9fg&google_cver=1&google_push=AQvitUJPsT9COPGcUtpAHk87j3jYgJlQM47D7fT3pk8sAvvuptyEMyD8hH3DUj1i-cF9o6gqnbnkoZPOVyVrnQCiCjmLPm5_1mA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 721A
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEMNKx7cK92MEq3V_XO6b2X8&google_cver=1&google_push=AQvitULm8QFNGuBNXjbZLnYELPF_F44HUm9cFMOqMtpMppiEWGaoQ-mJsLjhYzPOPDsA6gRZvNNfg...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitULm8QFNGuBNXjbZLnYELPF_F44HUm9cFMOqMtpMppiEWGaoQ-mJsLjhYzPOPDsA6gRZvNNfgomY2pM68SD4BPl8-Mi2-x5c
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitULm8QFNGuBNXjbZLnYELPF_F44HUm9cFMOqMtpMppiEWGaoQ-mJsLjhYzPOPDsA6gRZvNNfgomY2pM68SD4BPl8-Mi2-x5c
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 May 2021 14:06:23 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitULm8QFNGuBNXjbZLnYELPF_F44HUm9cFMOqMtpMppiEWGaoQ-mJsLjhYzPOPDsA6gRZvNNfgomY2pM68SD4BPl8-Mi2-x5c
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
ZDdL+0XdgxZARlqgZisAAA==
pixel
cm.g.doubleclick.net/ Frame 721A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFTS-EVha2Pl_B061blEBgE&google_cver=1&google_push=AQvitUJ0QXMYBi0A3wvXqHdMHLgf6v-Usfc2iZ1xNh4RyurFgNRCBy5Nh-x4yHvycSdnv_2lXbwsDItH8UtxTR...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA4NDQzMDU1NTcwNzUzMw%3D%3D&google_push=AQvitUJ0QXMYBi0A3wvXqHdMHLgf6v-Usfc2iZ1xNh4RyurFgNRCBy5Nh-x4yHvycSdnv_2lXbwsDItH8UtxTRJaEX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA4NDQzMDU1NTcwNzUzMw%3D%3D&google_push=AQvitUJ0QXMYBi0A3wvXqHdMHLgf6v-Usfc2iZ1xNh4RyurFgNRCBy5Nh-x4yHvycSdnv_2lXbwsDItH8UtxTRJaEXH2_I5EQ9xl
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk2ODA4NDQzMDU1NTcwNzUzMw%3D%3D&google_push=AQvitUJ0QXMYBi0A3wvXqHdMHLgf6v-Usfc2iZ1xNh4RyurFgNRCBy5Nh-x4yHvycSdnv_2lXbwsDItH8UtxTRJaEXH2_I5EQ9xl
Date
Sun, 30 May 2021 14:06:23 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 721A
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAbLY7ws8WWSimN8Lwa0Oqk&google_cver=1&google_push=AQvitUKiYH8pXRy59UGrbS5q6awZ8pL0GyinZCYepEFJrloLIxDAwSPcDzOMH3OAhNLdvykT4WjyE5zqc_VuZox8...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUKiYH8pXRy59UGrbS5q6awZ8pL0GyinZCYepEFJrloLIxDAwSPcDzOMH3OAhNLdvykT4WjyE5zqc_VuZox8BE2BQO8vEHMG
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUKiYH8pXRy59UGrbS5q6awZ8pL0GyinZCYepEFJrloLIxDAwSPcDzOMH3OAhNLdvykT4WjyE5zqc_VuZox8BE2BQO8vEHMG
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 May 2021 14:06:23 GMT
via
1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AQvitUKiYH8pXRy59UGrbS5q6awZ8pL0GyinZCYepEFJrloLIxDAwSPcDzOMH3OAhNLdvykT4WjyE5zqc_VuZox8BE2BQO8vEHMG
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
_wJS7WIDqL6vFzAXKz11o2Gnvsm0QBrCG2keQOqg63CxcG7coHrYiw==
dot.gif
s0.2mdn.net/ Frame 721A 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESECQyWMSWSNzuvbClirb6lVM&google_cver=1&google_push=AQvitUIzJ0hZDXsf21NdnwHxWMKDHOAkcW3KNTMg-6x-WY8P03nlic--dymf8linx6yevBLzbSn7VEaRIyF0DouUuRT9xiaiD3YrqA
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Mon, 31 May 2021 14:06:23 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 721A 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kcfcw7PnDJMuYY1gizXuVEhQu0solsb_Yc8b0i0UxPJVzJqqZ-_zL-OImuEEuJ_XdUaplQ0A
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 51D1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 May 2021 14:06:23 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 30-May-2021 15:06:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 May 2021 14:06:23 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 May 2021 14:06:23 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 603C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENOKKL7-OCjICctkNdtz9xc&google_cver=1&google_push=AQvitUK1p341-k7yHgz84U4bYt0NKQfsoNW8wtqV4dU3ttgfJrbSjTersiRs6bhFDhYVBINWSwFH5ZEgUANC_xHq_RlbVo9bckuE
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzYxNDYwOTk0NDM5NTIyMzM2MQ==
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=MzYxNDYwOTk0NDM5NTIyMzM2MQ==&google_tc=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAevAfpp1pcFg0rW2BrBDm4&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAevAfpp1pcFg0rW2BrBDm4&google_cver=1
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAevAfpp1pcFg0rW2BrBDm4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 603C 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECgXkSbej8YlwMfTCPbnfwQ&google_cver=1&google_push=AQvitUKT8kHVJxHcaPSNdGLtgLKf3jbdTkj5rAbwAT6zCmGu0j4lRZFzdQNX2_FC014fZSImV_BpfrtNr9V73NHSbYvXHc-VQO0
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 603C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESECroWIeJiJ1o8x7i8FkCVCw&google_cver=1&google_push=AQvitULhfDkf1gBVq4yyuWp3VO6avwQf34HQsxGK-4aRbAs58C_PvlGcyGol_XhdT2Mpuh9nzSz7Roq6qGWr4V_eIu0gYo8FlIwn
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dot.gif
s0.2mdn.net/ Frame 603C 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEFoC7xP0RXi4u5OZJcSHX28&google_cver=1&google_push=AQvitUJMLuoC2FRizio4y2AMzX_LeMJJsSmEvDRi3eFi_SDhn29CL8nc8OyBley_9qo6iRo2zx-XDlPBf76I1hARqMIDjIOa2wsc
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Mon, 31 May 2021 14:06:23 GMT
pixel
cm.g.doubleclick.net/ Frame 603C
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEE2QIIuDad58swfTRlgnoz0&google_cver=1&google_push=AQvitUJI9VjBCugy4BI33nOmiUvU6wbH4fRIVwieOi9ks9qByP3kGnhYxtEbSS7-J3674...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUJI9VjBCugy4BI33nOmiUvU6wbH4fRIVwieOi9ks9qByP3kGnhYxtEbSS7-J36748ULzNwsB421qHY7LdFhvYbhkBoNfvpQ&google_hm=QXZ5MURGMTd0emxOQzUzaFEt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUJI9VjBCugy4BI33nOmiUvU6wbH4fRIVwieOi9ks9qByP3kGnhYxtEbSS7-J36748ULzNwsB421qHY7LdFhvYbhkBoNfvpQ&google_hm=QXZ5MURGMTd0emxOQzUzaFEtcVVLX0E=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AQvitUJI9VjBCugy4BI33nOmiUvU6wbH4fRIVwieOi9ks9qByP3kGnhYxtEbSS7-J36748ULzNwsB421qHY7LdFhvYbhkBoNfvpQ&google_hm=QXZ5MURGMTd0emxOQzUzaFEtcVVLX0E=
Date
Sun, 30 May 2021 14:06:23 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
cm.g.doubleclick.net/ Frame 603C
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMUICNxhCkQ-45bBA3BUxU4&google_cver=1&google_push=AQvitULEyb96JjIDQVUs4lfCN-_TvJ0rFi5tGwX-jScwIvrHmHlVljpEK_cqz73a4Nb4kIe3OhNdHyb_m4wJNV6di...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMUICNxhCkQ-45bBA3BUxU4&google_cver=1&google_push=AQvitULEyb96JjIDQVUs4lfCN-_TvJ0rFi5tGwX-jScwIvrHmHlVljpEK_cqz73a4Nb4kIe3OhNdHyb_m4wJNV6di...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULEyb96JjIDQVUs4lfCN-_TvJ0rFi5tGwX-jScwIvrHmHlVljpEK_cqz73a4Nb4kIe3OhNdHyb_m4wJNV6dicKYM-vGB8FA&google_hm=f468e32a2f45a81de2759aea
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULEyb96JjIDQVUs4lfCN-_TvJ0rFi5tGwX-jScwIvrHmHlVljpEK_cqz73a4Nb4kIe3OhNdHyb_m4wJNV6dicKYM-vGB8FA&google_hm=f468e32a2f45a81de2759aea
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 May 2021 14:06:23 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AQvitULEyb96JjIDQVUs4lfCN-_TvJ0rFi5tGwX-jScwIvrHmHlVljpEK_cqz73a4Nb4kIe3OhNdHyb_m4wJNV6dicKYM-vGB8FA&google_hm=f468e32a2f45a81de2759aea
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 603C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPy-9LKnyl2jhgVJgGX2OfU&google_cver=1&google_push=AQvitUKZp-_P0pbtLR1HS9HnuhJJh2bkHMIeplVrt7AStGeKsxqzitCJt4r06ikYOWfmHOB_Ij...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEPy-9LKnyl2jhgVJgGX2OfU&google_cver=1&google_push=AQvitUKZp-_P0pbtLR1HS9HnuhJJh2bkHMIeplVrt7AStGeKsxqzitCJt4r06ikYOWfmHOB_Ij...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CZGEyUmFkRTJ1RVdxLmFESTcxejBVRnF3Q20xaEdQRH5B&google_push=AQvitUKZp-_P0pbtLR1HS9HnuhJJh2bkHMIeplVrt7AStGeKsxqzitCJt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CZGEyUmFkRTJ1RVdxLmFESTcxejBVRnF3Q20xaEdQRH5B&google_push=AQvitUKZp-_P0pbtLR1HS9HnuhJJh2bkHMIeplVrt7AStGeKsxqzitCJt4r06ikYOWfmHOB_Ijhmlc6NQqe0_tLa0J4wRbRZ1eGbSw
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 May 2021 14:06:23 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CZGEyUmFkRTJ1RVdxLmFESTcxejBVRnF3Q20xaEdQRH5B&google_push=AQvitUKZp-_P0pbtLR1HS9HnuhJJh2bkHMIeplVrt7AStGeKsxqzitCJt4r06ikYOWfmHOB_Ijhmlc6NQqe0_tLa0J4wRbRZ1eGbSw
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 603C 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGFIObTtCMgSxRNK7wQaDul7yvh4RliRFq3T2inCTqeUC8yv4g4XWzxAU8vukhGq8MvHahDA
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4583 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESELdS-Cf3sEJwi2df69Ey8sU&google_cver=1&google_push=AQvitUIgEzAATJNgBWRTncfiETTT32K7TDsTWdK0W-6OAx2MWbMNnJBDFmHEAuMIy1uSkU5svlrNQqA9pv0nn2EvEYtWhVmSIQ
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 4583
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEETFcGlSvOhF2PCH6cGHM4I&google_cver=1&google_push=AQvitUJmXRiWsNSZOmq9d_RNNHCpTYLCac8kETaXfq86xoRJ0gmFcR8bSClSbhwUS2WJi1K3ypQxXVyF1yN...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AQvitUJmXRiWsNSZOmq9d_RNNHCpTYLCac8kETaXfq86xoRJ0gmFcR8bSClSbhwUS2WJi1K3ypQxXVyF1yNwqq0To7OvCns3S-k
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AQvitUJmXRiWsNSZOmq9d_RNNHCpTYLCac8kETaXfq86xoRJ0gmFcR8bSClSbhwUS2WJi1K3ypQxXVyF1yNwqq0To7OvCns3S-k
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AQvitUJmXRiWsNSZOmq9d_RNNHCpTYLCac8kETaXfq86xoRJ0gmFcR8bSClSbhwUS2WJi1K3ypQxXVyF1yNwqq0To7OvCns3S-k
Date
Sun, 30 May 2021 14:06:23 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 4583
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENV9_eO6Wetz1YzCr4TX5_Q&google_cver=1&google_push=AQvitULzbBAlh9I8wJ0qb-zlRJg2TLPIOvauJjIYApMEaTOc32MavXTL2KMVfrcWGR945E_T80OsiLxwSm85CKmnI1mW16d...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitULzbBAlh9I8wJ0qb-zlRJg2TLPIOvauJjIYApMEaTOc32MavXTL2KMVfrcWGR945E_T80OsiLxwSm85CKmnI1mW16ds6Ng&google_hm=MjI4MDEwMjUwNjI4OTkyNTEy
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitULzbBAlh9I8wJ0qb-zlRJg2TLPIOvauJjIYApMEaTOc32MavXTL2KMVfrcWGR945E_T80OsiLxwSm85CKmnI1mW16ds6Ng&google_hm=MjI4MDEwMjUwNjI4OTkyNTE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitULzbBAlh9I8wJ0qb-zlRJg2TLPIOvauJjIYApMEaTOc32MavXTL2KMVfrcWGR945E_T80OsiLxwSm85CKmnI1mW16ds6Ng&google_hm=MjI4MDEwMjUwNjI4OTkyNTEy&google_tc=
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitULzbBAlh9I8wJ0qb-zlRJg2TLPIOvauJjIYApMEaTOc32MavXTL2KMVfrcWGR945E_T80OsiLxwSm85CKmnI1mW16ds6Ng&google_hm=MjI4MDEwMjUwNjI4OTkyNTEy&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
418
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4583
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6x271gZISeK2Zl89g9BOtA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6x271gZISeK2Zl89g9BOtA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJIeqiVHfnCg845e5anLHU7Vt7NFg0qLr4C4eyDyeo18ZPaEFaN2BVWWqvysAtsm3kyLT5MJLuKRGT4gNWoqJoW1Iv4fBs
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6x271gZISeK2Zl89g9BOtA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUJIeqiVHfnCg845e5anLHU7Vt7NFg0qLr4C4eyDyeo18ZPaEFaN2BVWWqvysAtsm3kyLT5MJLuKRGT4gNWoqJoW1Iv4fBs
date
Sun, 30 May 2021 14:06:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4583
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEGsugBTuETKyysite0-9Zjk&google_cver=1&google_push=AQvitUK90Tob9HPqDXKQeqQljrjV43FEz24sc9dg60Jy6MKZjusYK0i54DCs7SMVzlb9ha9iBo_EaJkuluz_FdDbhy4Lsx...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=sk-X0EDRR8OGT5JM7pWuNA&google_push=AQvitUK90Tob9HPqDXKQeqQljrjV43FEz24sc9dg60Jy6MKZjusYK0i54DCs7SMVzlb9ha9iBo_EaJkuluz_FdD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=sk-X0EDRR8OGT5JM7pWuNA&google_push=AQvitUK90Tob9HPqDXKQeqQljrjV43FEz24sc9dg60Jy6MKZjusYK0i54DCs7SMVzlb9ha9iBo_EaJkuluz_FdDbhy4LsxuazQ
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=sk-X0EDRR8OGT5JM7pWuNA&google_push=AQvitUK90Tob9HPqDXKQeqQljrjV43FEz24sc9dg60Jy6MKZjusYK0i54DCs7SMVzlb9ha9iBo_EaJkuluz_FdDbhy4LsxuazQ
date
Sun, 30 May 2021 14:06:23 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
rtb2-useast.e-volution.ai/ Frame 4583 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEM--dDg8e5_nGOvUH-kNZpw&google_cver=1&google_push=AQvitUJfj5gc1_0se3T6e_mWNo3mDAhtW8ThWaMEZwAXSjtCjCks4wpAi2NCsobKayTExYpHwQhRNoZzhIJtDf5wry6zGdV0YWc
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:23 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 4583
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEC4B79VMq2KoEg9wc0cCI3A&google_cver=1&google_push=AQvitUJT9S2rK3cED0BTjvEa2Ckefzpw1UMCXgAyCZR9vwdhsHCOdNKjTz2FVZEBaW9m87XVEoM8h4GAhzY7Uug-Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjBlZDg2ZGYtMzM0MC00ZmFkLWE0NmUtZGVlNDk1Njg5NTNl&google_push=AQvitUJT9S2rK3cED0BTjvEa2Ckefzpw1UMCXgAyCZR9vwdhsHCOdNKjTz2FVZEB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjBlZDg2ZGYtMzM0MC00ZmFkLWE0NmUtZGVlNDk1Njg5NTNl&google_push=AQvitUJT9S2rK3cED0BTjvEa2Ckefzpw1UMCXgAyCZR9vwdhsHCOdNKjTz2FVZEBaW9m87XVEoM8h4GAhzY7Uug-Q-hIoqngCPDJ
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjBlZDg2ZGYtMzM0MC00ZmFkLWE0NmUtZGVlNDk1Njg5NTNl&google_push=AQvitUJT9S2rK3cED0BTjvEa2Ckefzpw1UMCXgAyCZR9vwdhsHCOdNKjTz2FVZEBaW9m87XVEoM8h4GAhzY7Uug-Q-hIoqngCPDJ
date
Sun, 30 May 2021 14:06:24 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4583 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KIAGCPts7_l2lI8aQbX3zWKVmXH0EAYa60rhCdINlncQicTEUlI5-C9i3pG8UVCcNqybN20uc
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame AC40
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 May 2021 14:06:23 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 30-May-2021 15:06:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 May 2021 14:06:23 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 May 2021 14:06:23 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame E3BC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 May 2021 14:06:23 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 30-May-2021 15:06:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 May 2021 14:06:23 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 May 2021 14:06:23 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9C0C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
URL: https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 May 2021 14:06:23 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 30-May-2021 15:06:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 30 May 2021 14:06:23 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 30 May 2021 14:06:23 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&dnid=0a2c0c2112300206&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 May 2021 14:06:24 GMT
Cache-Control
no-store
Server
nginx
Connection
close
gen_204
pagead2.googlesyndication.com/pagead/ Frame CE35 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=955214950119609&bg=!tbaltvLNAAaMan2LjGo7ACkAdvg8Wna2nPu4qFU6kyfCd0xg9n-2IHEARI5jKMyOcqeyAr8G8OXEDwIAAAGDUgAAACVoAQeZApV59fTHEn59Jqp7HV4mAHN7zMvplerlrGZZp3Burg1vmgP0ZsPGBWeYgrd22TRyfHykF5k5ZklLZVAMyBydfj9WIvgbXVn1ssOdRID4cp_DQUG7IgYyE1wsPspWZTeWgEQ4yFkjTEMR8qP4VWCa8gYCAV_QdJTbG3j5HkQJdnEBa9wxnOeX2tKx96SJkW_l3eDppIVSVxY67V4BiM4S-MCRMTyf6_8zJNsK8gt6N42N5BfEmngXZKsaDW2eyEiFhkVURAAwNfmjaqSXs29mLPry9DNGM3WtSk8EHjTedn5yx1uxlOcrhYzGC5n7hkjlLyobBJu3WSVXiv8uVDBWY6nWfpg_EGELbCpw8KmM8c3Mk1b3kzEJ8lFYfk1C_lG5RoEc9OdEFaBPLLELdOJveq0f1S2vGB6EaAAJC8qqwE98--QvxlufKkvEOz-1esoa1J_dGsJhvFA6IhIFUz63iwLqfIYFRXiTsF61rAnRQxGI744tLj0Mea8Joc3XvTRCvRTTjBKfKgADDJcu52UMoqiPMY__DmY30bmSeJngkdYyHA5ukDx-qWo837PM0aa25AJsVMAp3OZIbJ_ST86HuB1EcPcRfmyQHgfhfcWDA80kt4a4WesM9zeuaCvVrTDdPXZ6sAzgsJTa4KLxwVMk6mM0SgTwJ1oI7In8TKPSuVvsEwYBaOPz4YYSXJAFaxupMWxZP5HUMCDra6PN55mH-QCIwGbzj1gclWoKyvWzKPxynU4fNXCq1cdfP1SsZioxmheByZkIP7WfEXIKtfBELXqguRBFg1g22yj834yYsAhlWfPEFvDy5k6_r4DXr279Hc-5WtJIx5xFz8HOLDLVBhzl9o9BaBvqYCPA9qpDlVaUonCjge96
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E86 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=744637708219257&bg=!g4ClgMTNAAaMan2LjGo7ACkAdvg8Whp-I2sew_BOIzZVDS2qeXaPYlAd4OiWrk1H0F1vq_Lw0-UF0wIAAAD3UgAAABtoAQeZAm9_czJJtnHiVMRY0l20g_NxUYo26J2wXfAHEDccnn0aUWQqBNPrMNkD0-fdmKTy4CYOQoWBWp0b0_VXTgpFpMnOSae3JOkoPAFLzjEXgrt0gxBIYvRATPJw1bRLNykHIK6GsAb2zjMrJDEOvOgRLmfbyNhSmq0QhWQEEfE7EP1WXGKDLOGldTpDkeoi3aL2ELmnM6ujJb-ZMJWM5Jfqq_-6xDZxwhJ3Af0NM2bGljFKXTh01COtsIgr_rYX7HfxyKoFyQmynV1oq-kAk55ki2VQDQwyUnkIAc5V6Bn0NVBW7fadblkRb8BrfwlCklSfArCCFYiP8yizPUoxXr11M0pXIEkveE2zM-WFlhckdu_aDUhRDUfa0j3VBwmCkbhkEyBj0ODklsdS6nmyMsrCauObNQx8qH-HGyERlvj3ymMuBwpaQY-mdhSHjiLgsGPEAJZ8MXHOY6k-ZI86eSQwwG8MDCt7ltAlP_pQsht9-0_J7ULAkV--8wyjCWFS_vD-Ll2T0DE4L5WcNACv_-ztUR12A5GlIuaHPP6-78FL-h-LTL_j8_5-BmDMPIxi4cXTZuh5yZE58T8XEgUuR9m7DB1bAsuTxdeVHUQhAzCZsTrcZ9elksjZKSMZFgNprvoeK7Wud7IqO8rLeA6gFmZmyLOjAOs6wW1E4qyBi3QKFegr3C3bkBYKK6NFFtT66s2L1N2LQgiGl9p-e5qzAS1I7Soqo5mnnIIr56T7TaUwnRNQGdB8kFMPwjzIraaqQxDnjw2XRDDIz-VdunoZLpXY5AqHxo6Y7OLZX_HHfHAM7ubi-MVrgjvGYWyvj1VGB2CFoA
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
coronavirus.png
vacina.saude.rs.gov.br/img/ Frame BAEF 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vacina.saude.rs.gov.br/img/coronavirus.png
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
95d722457b6b19c9b2248849d162602edaf41b594c82e44e6f6a316ba4d3d294

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
last-modified
Mon, 16 Mar 2020 17:04:11 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"15dfd-5a0fbcee37b55"
content-type
image/png
accept-ranges
bytes
content-length
89597
jquery.min.js
vacina.saude.rs.gov.br/vendor/jquery/ Frame BAEF 		86 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"15851-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
39406
bootstrap.bundle.min.js
vacina.saude.rs.gov.br/vendor/bootstrap/js/ Frame BAEF 		77 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"1332b-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30152
jquery.easing.min.js
vacina.saude.rs.gov.br/vendor/jquery-easing/ Frame BAEF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/jquery-easing/jquery.easing.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"9e4-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1070
sb-admin-2.js
vacina.saude.rs.gov.br/js/ Frame BAEF 		1 KB
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/js/sb-admin-2.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
6e7d6826010c47f64438945a78cec8f26c51ab8981451c0fae14edd66b0b746a

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"5d4-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
822
Chart.min.js
vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/dist/ Frame BAEF 		169 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/dist/Chart.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
b7d5093eb11205e1b6a2329321c14b3c617b9c78b6bc473b7f90362a91ff5015

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
gzip
last-modified
Mon, 19 Oct 2020 12:22:11 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"2a415-5b20529e4e2c0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
utils.js
vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/samples/ Frame BAEF 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/samples/utils.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
0f2aa0b48a55e5bada7d08c3a536a9c3d33cf0b4a6cd600a9b3a9aa743dd9ff1

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
gzip
last-modified
Mon, 19 Oct 2020 12:22:11 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"cf6-5b20529e4e2c0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1712
chartjs-plugin-datalabels@0.7.0
cdn.jsdelivr.net/npm/ Frame BAEF 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/chartjs-plugin-datalabels@0.7.0
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de449772271eceedac2a492a41a7bf860b29402fadeb390e034ad2ed0b654b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2036579
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5360
etag
W/"330e-MyjMkC7/nYxBFRP/V6SaLPi/qfE"
x-served-by
cache-fra19170-FRA
date
Sun, 30 May 2021 14:06:23 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.dataTables.min.js
vacina.saude.rs.gov.br/vendor/datatables/ Frame BAEF 		80 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/datatables/jquery.dataTables.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
169e713c2496498336d93532630b4b80fdb9db45d0a090624d155a5c7853371e

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"141eb-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
35900
dataTables.buttons.min.js
cdn.datatables.net/buttons/1.6.1/js/ Frame BAEF 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/buttons/1.6.1/js/dataTables.buttons.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2450475d377d43989a135a393b7eb9bb31daf1e7dca01a27b854497c46f2adf3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
3790965
content-length
6431
cf-request-id
0a5f31f87e00000eb36f89d000000001
last-modified
Fri, 09 Apr 2021 09:40:07 GMT
server
cloudflare
etag
"11209f0-4c4c-5bf86f30573cc-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
657885d3fcf00eb3-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Sat, 16 Apr 2022 17:03:38 GMT
buttons.flash.min.js
cdn.datatables.net/buttons/1.6.1/js/ Frame BAEF 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/buttons/1.6.1/js/buttons.flash.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1184674c137c8212dcc1bf6763a147d317e94e4b004bfab579121116d3223ebf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
3260314
content-length
6819
cf-request-id
0a5f31f87e00000eb364a52000000001
last-modified
Fri, 09 Apr 2021 09:40:07 GMT
server
cloudflare
etag
"11220fa-6677-5bf86f3056fe4-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
657885d3fcf20eb3-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Fri, 22 Apr 2022 20:27:49 GMT
jszip.min.js
cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/ Frame BAEF 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/jszip.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5919666
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26506
cf-request-id
0a5f31f86d00002bd2d10aa000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ecf-18e33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R7AosKLT5%2FoVwLpBbe9taeSBeBNdyHFGowZAkg2q0soIfCmLHxNExkZy0BMx5ke8IjASk3ynprAmGxVKW5RWS2YKwMtPcS02SFBglWpsxsXy8E%2Fr1dLS%2FK8IOXWNlGOf5w3Jt2P5bK3f8oF16A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
657885d3ea112bd2-FRA
expires
Fri, 20 May 2022 14:06:23 GMT
pdfmake.min.js
cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/ Frame BAEF 		1 MB
337 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/pdfmake.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e89f9845fc2a935c837dcd7089a59af09cde8ffdbf1866dfff621152fc74690
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5917503
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
344327
cf-request-id
0a5f31f87400002bd28b9e8000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f87-10af19"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iOJAbnRPTGxMhvcuupdQRI0BX4I5nx4j6f89WGUSFB7dAWGKokD3uKugTJfO1mmdklOnn51cdSu%2Fr2zThLcAbK%2Fv%2F%2BRdTQoEiIutaDIBbIWNGzgPgDgVfgY5MT5sOmOiaV1%2FTlMQETonenkRQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
657885d3ea2d2bd2-FRA
expires
Fri, 20 May 2022 14:06:23 GMT
vfs_fonts.js
cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/ Frame BAEF 		905 KB
309 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/vfs_fonts.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52c6021ddc04c53bbd71907e42070e90dcd4093c1e5ebe5c35f465000b4894f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
324761
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
315755
cf-request-id
0a5f31f87400002bd2b4234000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f87-e2214"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VrD8%2FLDpM5k%2Bye2uoYtP5JgiBVLty4CvjtzInT8xC4CDRN1o7ol2mUUavuZKRXqah9lSpw9wWpuGN2PGHhxUa8LMlmvm4G5W%2FiLtL6r6nTUwGN2MYLV6lVEW%2BcUNdN27iu01nn02OrTRxLmYdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
657885d3ea2e2bd2-FRA
expires
Fri, 20 May 2022 14:06:23 GMT
buttons.html5.min.js
cdn.datatables.net/buttons/1.6.1/js/ Frame BAEF 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/buttons/1.6.1/js/buttons.html5.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fcbf36a2bdfad4e9007f83c3f3b5d549692d6f079f1156a65fea99a57ef9af0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
3912634
content-length
6608
cf-request-id
0a5f31f87e00000eb36b06c000000001
last-modified
Fri, 09 Apr 2021 09:40:07 GMT
server
cloudflare
etag
"1122102-60be-5bf86f3056fe4-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
657885d3fcf30eb3-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Fri, 15 Apr 2022 07:15:48 GMT
buttons.print.min.js
cdn.datatables.net/buttons/1.6.1/js/ Frame BAEF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/buttons/1.6.1/js/buttons.print.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5c38989ba7e43503bb4fc3d070653f93347a2eb6d84b8cc0ef09c79b8ebb861
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
gzip
vary
Accept-Encoding,User-Agent
cf-cache-status
HIT
age
3788866
content-length
1160
cf-request-id
0a5f31f89800000eb3ac82a000000001
last-modified
Fri, 09 Apr 2021 09:40:07 GMT
server
cloudflare
etag
"1122101-8fe-5bf86f30573cc-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
657885d42d3c0eb3-FRA
access-control-allow-headers
origin, x-requested-with, content-type
expires
Sat, 16 Apr 2022 17:38:37 GMT
dataTables.bootstrap4.min.js
vacina.saude.rs.gov.br/vendor/datatables/ Frame BAEF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/datatables/dataTables.bootstrap4.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
3fbf7c3785635c11806b2ed111106a8a570f83cafa2a642226510bca6ef4c47b

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
gzip
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"825-592af5a54eb00"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1369
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ Frame BAEF 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2141860
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6451
cf-request-id
0a5f31f8a50000d6d1292c6000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LnVWlNKVqMc2GuhViAFIlMNjJGySzBdhTipd6jc2T5R2%2FMT6B8Ptse%2BiW2d0HirbK4SP9Y0urZ9QvJmxcI7TVnXibxioETEZaZBvUikPLpsd6TY0pa928xaBH0mP9ctNUHxUnONFZ0g7%2FxgD%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
657885d43be2d6d1-FRA
expires
Fri, 20 May 2022 14:06:23 GMT
XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame BAEF 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://vacina.saude.rs.gov.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 10:03:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:23 GMT
server
sffe
age
14565
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19088
x-xss-protection
0
expires
Mon, 30 May 2022 10:03:39 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ Frame BAEF 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://vacina.saude.rs.gov.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 10:13:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 02:44:35 GMT
server
sffe
age
186774
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18972
x-xss-protection
0
expires
Sat, 28 May 2022 10:13:30 GMT
fa-solid-900.woff2
vacina.saude.rs.gov.br/vendor/fontawesome-free/webfonts/ Frame BAEF 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://vacina.saude.rs.gov.br/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/fontawesome-free/css/all.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Origin
https://vacina.saude.rs.gov.br
Referer
https://vacina.saude.rs.gov.br/vendor/fontawesome-free/css/all.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:24 GMT
last-modified
Mon, 16 Sep 2019 17:58:36 GMT
server
Microsoft-IIS/10.0
x-powered-by
ARR/3.0, ASP.NET
etag
"12690-592af5a54eb00"
content-type
font/woff2
accept-ranges
bytes
content-length
75408
Portuguese-Brasil.json
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame BAEF 		971 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:25 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
content-length
438
cf-request-id
0a5f31feee0000c26d21b01000000001
last-modified
Fri, 30 Apr 2021 08:15:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"11222c6-3cb-5c12c35ec1f17-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
657885de48dac26d-FRA
access-control-allow-headers
origin, x-requested-with, content-type
Portuguese-Brasil.json
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame BAEF 		971 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:25 GMT
content-encoding
gzip
cf-cache-status
HIT
age
0
content-length
438
cf-request-id
0a5f31ff950000c26d30b92000000001
last-modified
Fri, 30 Apr 2021 08:15:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"11222c6-3cb-5c12c35ec1f17-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
657885df5aa7c26d-FRA
access-control-allow-headers
origin, x-requested-with, content-type
Portuguese-Brasil.json
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame BAEF 		971 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:25 GMT
content-encoding
gzip
cf-cache-status
HIT
age
0
content-length
438
cf-request-id
0a5f31ff9a0000c26d53819000000001
last-modified
Fri, 30 Apr 2021 08:15:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"11222c6-3cb-5c12c35ec1f17-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
657885df5ab7c26d-FRA
access-control-allow-headers
origin, x-requested-with, content-type
Portuguese-Brasil.json
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame BAEF 		971 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json
Requested by
Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vacina.saude.rs.gov.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:25 GMT
content-encoding
gzip
cf-cache-status
HIT
age
0
content-length
438
cf-request-id
0a5f31ff9e0000c26d2418b000000001
last-modified
Fri, 30 Apr 2021 08:15:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"11222c6-3cb-5c12c35ec1f17-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
657885df6ac7c26d-FRA
access-control-allow-headers
origin, x-requested-with, content-type
ac
www5.smartadserver.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=31545&async=1&visit=m&tmstp=4813918487&tag=sas_31545&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
70905ec0831335dacef8392d3de9e92fe4d5bb6f3df2c68d3415f029efbff40b

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:24 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
5%3b17%3b68
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
10198480
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
api.gif
v3.denakop.com/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=qkJMM%2BkOT2Gt%2BkIrxrQyZQ%2F0&v=5.0.0&sw=1600&sh=1200&ac=v&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1622383585303&cb=0.9487793459780647
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:25 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a5f32001700003250e08e0000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
657885e02e8d3250-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/ 		0
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=qkJMM%2BkOT2Gt%2BkIrxrQyZQ%2F0&v=5.0.0&sw=1600&sh=1200&ac=v2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1622383585303&cb=0.7274620292781888
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:25 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a5f32001800003250e02b3000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
657885e02e903250-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=qkJMM%2BkOT2Gt%2BkIrxrQyZQ%2F0&v=5.0.0&sw=1600&sh=1200&ac=v2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1622383585303&cb=0.95770189070402
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:25 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a5f32001800003250ce851000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
657885e02e913250-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
api.gif
v3.denakop.com/ 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=qkJMM%2BkOT2Gt%2BkIrxrQyZQ%2F0&v=5.0.0&sw=1600&sh=1200&ac=v&aa=under&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1622383585304&cb=0.4337452799532646
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:25 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-request-id
0a5f32001900003250d2919000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
image/gif
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges
bytes
cf-ray
657885e02e923250-FRA
expires
Sun, 01 Jan 2014 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0609 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstM1cVZ1MJ57ehWDmnz1oOXfKk9iasFNkfB521sHiIBWmAw2WcbAjC2ifwnGI4OWiB_LnrulysM5yfkJgu4l_InsShys8b4SOfFCsAXkXNolCOi88lFQrR8ZKVvw6MaW2dIQ_Fy1PaxlAieoEbRX4zY&sai=AMfl-YT10A_FfJdYHAGGyf88OQgB-ByV3zNswdmjf4YmfpyjxjICZT1_GV1yxZv03l3KzZ4a3Wb3jW-kJtVyMHGkIRdLoHetlKqfghEZ2KCoPmFjJ9nry1ro-NtCsmMu&sig=Cg0ArKJSzAb5070z5eBAEAE&cid=CAASF-RoZBlZ3mgEwl6dcuJ-3K1MqoeRvVzC&id=lidar2&mcvt=2245&p=1110,315,1200,1285&mtos=2245,2245,2245,2245,2245&tos=2245,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3738811365&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622383582322&dlt=45&rpt=1&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame ECCF 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b100aa9fcecae6f2c48ac34d8d06dafbd1a7bcbb3c270e83d592dad6eea8f26e

Request headers

Referer
https://ad4m.at/ad/dr?ed=1gd1ctt1x6gsc1b24xgdbynt5n39qvyhjfjhfd0bse58g2gftgmdx496pwqmpd07z9eskzhrdh6xpekyz78b8j5xccjjpadrb13sha8vnh6643dsc50q674s9ej23x7nskkk97sfj45dm8c9e5t2f0vdhsfgc88r5csgf6b21ygnbpdna18dvhhsywpz94jgctvpdn0ywsyyng7xhbnk1z8ph3gwvzkjrr0cff1ejjqvqnk0kmwkfqagvb928vpf38jtyf3fjaqy3rc8se2mbkvjgn4maspqrtry2g8x2qsfj1m5y10n8wrfk2mvv9qn46jj7dwm7a1pjbta2jgd0bxzcs2f2xv88v444kkj7z9tmn6f8rhsv4bnmkx0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 May 2021 14:06:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-hn3r
cf-request-id
0a5f3202600000640d76940000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZyTyXaRPAF3G5zKXmrjo6WglpLGZrWaeAUnlx%2BlJd%2B3z7dNk2e2bgvP9N%2F68wxF6ihDr8WoLIymFV3pd690N3fsTVKlPHp3g5uddo5PqI36M%2FNSsTNyNUu9EzUUG%2FcLP"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
657885e3cdf5640d-FRA
rs
ad4m.at/ Frame D4FE 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a450482032fc327ab80a62e5c115bea3f6d2129b9066ffeec9eb3c98b55039bc

Request headers

Referer
https://ad4m.at/ad/dr?ed=1h2srbbg19g2hdqa8zer6wdrn08s20hxt1edw6k1j80e1ddcrspt3051t0jsg7224yrsmwc30wt18n5xjd3w2fp7qcj1hwfbaprrtsx0kc4p8rdkck7x3a2n6aw5ssq1g7age7329f71qc22e018s48ndhjnrhg5sjxxzhc3gjysn6zhn9rcydfxgrk61swvek10n4zcvwmh3dqd4h8yc1ffy6xwvj4dtrb0x5xexechqymzw990karfg2dw1fwq4tvy5dz9f4zns991kjhh54nxx1rr2rvqzzathzafxw40556sk1znxy080zv2gbpq1vmt2xfkvm12v37qa4t3t4ywyf522pfmwj44w488shf77e9stqxrzw9sbtk42&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 May 2021 14:06:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-hn3r
cf-request-id
0a5f3202620000640d62251000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7LCz%2F4I2GCh1%2BCTVJZ%2Flk1l2zldp%2B56HdIZVFn5qEZWglAAgJU7zVa0fszyrN1hmE5cA5uDzHeY7n3gqMpTmwFITaEsdBpxdIEVJxyUOdwC1z8GdQGcEAfZCrNIqAISN"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
657885e3cdf7640d-FRA
rs
ad4m.at/ Frame F3B6 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b565eac7d1d4b1e44b4c8f24a8ddd2fca85977e432eb0cbd76c4d3160080a89f

Request headers

Referer
https://ad4m.at/ad/dr?ed=1hze1mf0a8s9ajmd6p6td60b6ca58zh1hh2tp181dkn9eks06vxqhcepvrnygfq3j7z5ft9hf7ecfwaxpxhbmy04543gznvt98m5nbfgnm5yymhychdjtmmg7fkw9zx2b7522rfmwpzxvx38wzk3fasb6c3wsg1tc4h0bggaaq7makv6tth3wxvft021qb36g97apj2qy2e09w7shb76x7r2ek9jchf7hrpp8hknz4p79178gyrhgxwe99c3em6hrns17g5s1mqdk0xv8zf7vkhas7pvyhtftbwjv2k1ag2agee7b084f4qwb78rwcwnwdv363xt7a6armtgm5s2c2q3dfy7djc6sg44e0cdn3905khx1gd6m2zp0j8sa&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%26client%3Dca-pub-6379854420851476%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 May 2021 14:06:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-hn3r
cf-request-id
0a5f3202650000640d62252000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tKQ53je5LfVaMtY16RnEesOz7Fh5sTAmMGMyfh8CvL5Yh%2BcxVRMliGtnY8TH0mE%2BXnF2cYJXsjLaSlokNBqdqxGJFESzr87SBPuwifGuokfjbHLthoMcALjIVBO96adh"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
657885e3cdf9640d-FRA
CO-0016-21_-_CDC_Sustentabilidade_970x250_0551563e-ce60-452a-a018-030333d7ef38.jpg
creatives.sascdn.com/diff/1320/10198480/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/diff/1320/10198480/CO-0016-21_-_CDC_Sustentabilidade_970x250_0551563e-ce60-452a-a018-030333d7ef38.jpg
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
59eeb2016f8917917123482aa490fd828f9e88de1fd8f1f7b9598817ea431a34

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 14:06:25 GMT
Last-Modified
Fri, 21 May 2021 21:28:53 GMT
Server
AkamaiNetStorage
ETag
"934616802833c1d4dda61073be8be0c2:1621632533.346074"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
157086
Expires
Mon, 30 May 2022 14:06:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210524&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a979b394322a2357da9e695cf368fb89a9356aa593bf50d6f783aae08bdd5ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 30 May 2021 14:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7739
x-xss-protection
0
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 15:29:12 GMT
content-encoding
gzip
age
81433
x-guploader-uploadid
ABg5-Uw3h1YfX_YZF9zaUnMzjPEC_yBLDeNCsZFAJcaOE01LykdzJpELJoVicmjsn8l8auViMPrQwFqXBSJUN67hrMQv1OO4ng
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6114
last-modified
Mon, 19 Apr 2021 15:43:33 GMT
server
UploadServer
etag
"090fb4b641b03e182ef8a7fdc93d72de"
x-goog-hash
crc32c=VQO11g==, md5=CQ+0tkGwPhgu+Kf9yT1y3g==
content-language
en
x-goog-generation
1618847013991944
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 30 May 2021 15:29:12 GMT
js
www.googletagmanager.com/gtag/ 		86 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-931232517
Requested by
Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db211fa93979748adaf10d35425e227f18f1555feb1561b244d630014d8cebb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34522
x-xss-protection
0
last-modified
Sun, 30 May 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 May 2021 14:06:25 GMT
ws-ad.js
wfpscripts.webspectator.com/ Frame B3B4 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame 2DAF 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame 878B 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame 56C7 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame E078 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame 223F 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame C846 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
ws-ad.js
wfpscripts.webspectator.com/ Frame D875 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wfpscripts.webspectator.com/ws-ad.js
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
content-encoding
gzip
last-modified
Tue, 12 Feb 2019 15:34:42 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status
HIT
content-type
application/javascript
cache-control
max-age=300
content-length
8492
syncframe
gum.criteo.com/ Frame F408 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.correiodopovo.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.correiodopovo.com.br
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1547
set-cookie
uid=4200b562-fe7b-4853-a2ae-6e8837a54f67; expires=Mon, 30 May 2022 14:06:25 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Sun, 30 May 2021 14:06:25 GMT
content-length
0
rar
as.ad4m.at/ad/ Frame DDDE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cc57087554d40537da73384e49c47576e8711e6f08f4c533507429d2126f334
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a5f3202e90000640d6503f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657885e4ae48640d-FRA
content-encoding
br
rar
as.ad4m.at/ad/ Frame B36D 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5715ad91ced999c2e3dd435a913df65643ca129cfd0f82122f38cbbb8a8d112
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a5f3202e90000640d7299f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657885e4ae49640d-FRA
content-encoding
br
rar
as.ad4m.at/ad/ Frame C2B4 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb81625c17c0a4b26619b3a2ccbbf24db5b463db756bb015f149c89a7909b148
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a5f3202ec0000640d56886000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
657885e4ae4a640d-FRA
content-encoding
br
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210524/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Sun, 30 May 2021 14:06:26 GMT
_adview_.ad.json
cdn.webspectator.com/ad/banner/_adsense_/_adserver/ 		0
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.webspectator.com/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=98469718
Requested by
Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
last-modified
Tue, 11 Oct 2016 11:19:36 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-length
0
x-cache-status
MISS
content-type
application/octet-stream
social
trc-events.taboola.com/correiodopovo/log/3/ 		0
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/correiodopovo/log/3/social?route=AM:IL:V&lti=deflated&ri=442545b70663900874adb9c844d459c7&sd=v2_f3be51644ee9e764072df797135aba3b_7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b_1622383579_1622383579_CIi3jgYQzeNHGPyj4-ybLyABKAEwvwE4krUNQLydEEiFldsDUP_0LVgAYABosa_ptcr9986tAQ&ui=7a848a92-1d6b-4a3c-b949-ebb6acb3b5df-tuct7ad215b&pi=/&wi=-5703500169402860967&pt=home&vi=1622383579644&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-iframe%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22Correio%20do%20Povo%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=16%3A06%3A26.056&id=8357&llvl=1&cv=20210530-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:26 GMT
server
nginx
x-fastly-to-nlb-rtt
24761
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.22.84:10213
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 09:47:57 GMT
content-encoding
gzip
age
15509
x-guploader-uploadid
ABg5-Uz3_3-NaW9nspHz0bXOE8EfToCsBoP0KamqI0TuPbHRVfvUoPDLv-_i8GjRbex5imMx1vnlXenuF0kUpZn7hqG0An4VwA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
8332
last-modified
Mon, 19 Apr 2021 15:43:33 GMT
server
UploadServer
etag
"3f338dc5c15f92841113b0350587be44"
x-goog-hash
crc32c=sfk3og==, md5=PzONxcFfkoQRE7A1BYe+RA==
content-language
en
x-goog-generation
1618847013907660
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 31 May 2021 09:47:57 GMT
trk
tt-9964-3.seg.t.tailtarget.com/ 		70 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:par-correiodopovo:1|_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1622383586&tM=direct&tL=direct&tN=direct&tY=3&tZ=702023683
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
content-type
image/png
alt-svc
clear
content-length
70
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 61A4 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 30 May 2021 10:58:21 GMT
expires
Mon, 30 May 2022 10:58:21 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11285
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1F97 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4526ecd5b2344a650015b1c50907d28ae0aca92516dec9a9be497d1c0f9df8cd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-skF3BGX9+doDFtosSA4/Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.correiodopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.correiodopovo.com.br/

Response headers

expires
Sun, 30 May 2021 14:06:26 GMT
date
Sun, 30 May 2021 14:06:26 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-skF3BGX9+doDFtosSA4/Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame DDDE 		59 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
964118
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a5f32039300002b7141007000000001
cf-ray
657885e5bc402b71-FRA
expires
Sun, 30 May 2021 15:06:26 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame DDDE 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
324446
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-Uwa0pHO7p2KwdWZ6A8ZHcFIkQUlgjPhsd8G8bqx4cWC-xpVXJrDEK-e_ZlHLKcIK4mqQ40q-IIwdNNX4JYmbgW8DGCfiw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
cf-request-id
0a5f32038f0000640d729a9000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XpO1xsFi%2FOegRFQXodZmRdTihgOi1rh39idc8IFxdjDO8DCaTvv6VLe2KJkDww0txZ4b7ZVJtOMBTmSOMMyPKuAhmgQB5Y5ns9lAoQoP%2BBdqG40OMmZLjem%2FFCBG%2BHJjX67sqplpRg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
657885e5bea2640d-FRA
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame DDDE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
325650
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ABg5-UzGiRR4yimbWKfGJZpmBb7Y7HRFdwG_OsOerIJSuqRrvfrFIfTgIYrYfkjPNAsraqsGAdYkDRgmZq7_XAan-8Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1598
cf-request-id
0a5f3203940000640d5f013000000001
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ut3A7bYJgfVwmNbtpuF3GLiH5wTWywGMOOOTc6An6MiDMgEH%2Bp04hk4y%2FdM0F%2F4RvTizlv53gW3Q9B9V%2F9zjJIJm3nmc25cjh%2FqMN3K7%2B2dI2acf0GNwWzf6cI9zRmDoSwrp8Hd2xA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
657885e5bea5640d-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame DDDE 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__asuid4HO_MWgBSLV_A1wx1Z8FshdmfkD980wRasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:26 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame DDDE 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
326957
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-UwWzV8Vi9wwWB9_t92BZ3hXsqxnGcNPAW0LaVCSpyGkAeICaRXs_LpZzjWYyirMRzo7C0cmfApc-NiuzLQfsg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39202
cf-request-id
0a5f3203960000640d5f014000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=aLLY23GN%2F1KWI955%2BiU8QLCXAG1oQudrCAnFnHVLLoBKLGuE%2F3479r62N2Lb4tCV7cfphkrI1eNw5tHZ3SRDPDoSEI1cdS4acKjIPCq3sGOUcK7MApD4g2TW2SjKDhmdMpWLO5CazQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
657885e5bea6640d-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame DDDE 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
327603
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UwkjW7D1NIP-SGMO0-kZ76TtZfUKrCHcFefqvfPhPmPd2kUA2JGX59C6myv_SM-svP_Kdq_okuTD9MVCpFHug
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115268
cf-request-id
0a5f3203940000640d7a334000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ShubWvU5XviLGOA%2BPzDBgcr6rmrZktnFcsX0bX2HO8vVwTNppSXNgJaiaUojioi3Bmw8zjzTtYHK6s0nvBSrN%2B%2BLT53%2FALN%2BWqPperWiFs10YLLvGkv7C0%2FafDcWn2f%2BFFm2YoQmrg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
657885e5bea7640d-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame DDDE 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuid4HO_MWgBSLV_A1wx1Z8FshdmfkD980wRasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:26 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame DDDE 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
324750
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-UwEVnjd7dR3HhxvLjp_sWRKJYH0caMiuu_CyivY0DOCPBFePnJOMgFk4q-EOhBvW8wM7HavdGsiweoV4l2mI3KykCijyg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
cf-request-id
0a5f3203970000640d7a335000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Qdcg%2BShVfeP1HoTGnJ7yZCRkQBmdSPye5Y%2BUAtafvVkrV07vweNdgt%2B5clqvbtydR2WrZNL9NiUkGEVa1TkLqd0vX7wNItlx9AjhUiD6ko%2FQU6Ip%2ByoV5aJA%2FvrAhEHdIw6PtZQ6pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
657885e5bea8640d-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame DDDE 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
580139
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85604
cf-request-id
0a5f3203950000640d53b05000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QdhAF25aZmldNk67oYjfeaPhOPr%2BhTXctz9pVz5oaNC7pIZtdKw1U4nuGPNt8DuEarG2QH%2FhsSbUczlyQrrvz3XQTLsOcFcxwmzrxTGtrfWysDbvVWQxewOomYzbNkil1vsOkgaf4A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
657885e5beaa640d-FRA
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame B36D 		59 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
964118
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a5f32039300002b71849dc000000001
cf-ray
657885e5bc452b71-FRA
expires
Sun, 30 May 2021 15:06:26 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame B36D 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
324446
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-Uwa0pHO7p2KwdWZ6A8ZHcFIkQUlgjPhsd8G8bqx4cWC-xpVXJrDEK-e_ZlHLKcIK4mqQ40q-IIwdNNX4JYmbgW8DGCfiw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
cf-request-id
0a5f3203960000640d5688f000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=y8c14IslU9iYgyZcrvlNutAcVZFW6u2GhL4VqE2SgjRV7SB1iA6orswRhjTgmU6hQ9%2FVuSQkVPTDJENya7BFZZaTQr7WiL4HO8EiXKfuYkqzZEJ2IO41osCj8z2Qc7msFQdNhOBIHg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
657885e5beab640d-FRA
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame B36D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
325650
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ABg5-UzGiRR4yimbWKfGJZpmBb7Y7HRFdwG_OsOerIJSuqRrvfrFIfTgIYrYfkjPNAsraqsGAdYkDRgmZq7_XAan-8Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1598
cf-request-id
0a5f3203950000640d53015000000001
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cShYttEJiYxT8nLCe%2FyYuXLJEymEqgeRkoYToOyDtP2DriaRy4K0pnBwp1rqQOF%2BY97W7v4WWnA82VuCthYY0bIqnWYrccRxHs4acVqtcjBrND0sbduLAB5OesvXQCjAPVsZH25EqA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
657885e5beac640d-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame B36D 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__asuidSQUiguUpRb-4xTyk2oKmVLMmHf4eLOPUasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:26 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame B36D 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
326957
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-UwWzV8Vi9wwWB9_t92BZ3hXsqxnGcNPAW0LaVCSpyGkAeICaRXs_LpZzjWYyirMRzo7C0cmfApc-NiuzLQfsg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39202
cf-request-id
0a5f32039a0000640d62262000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f1GvCS3wZk3DST82Ba7d0UoZvL70Ij0rxj0ZJQLMO16FuL8wTy5ko7LsfVHjeGF2vEuolqzi%2Ff5yLfwnCDOCA5WuAigVfAD8su4XvlCXjt%2FgOA%2FrG%2BqNRPFaQVsiXvupTrxNnHQ%2BCg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
657885e5beaf640d-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame B36D 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
327603
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UwkjW7D1NIP-SGMO0-kZ76TtZfUKrCHcFefqvfPhPmPd2kUA2JGX59C6myv_SM-svP_Kdq_okuTD9MVCpFHug
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115268
cf-request-id
0a5f3203980000640d7694e000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pkQVTBl%2Bz2jApYF099HOnfY19Y37BLQrfO0kuZ%2B8%2BhGeSRWdZI20mH5jN4XUo1rA3CVGOv0Aut3o0cOcWFG9kkK%2BXeqH3vTi79GzyWoHAEMFFDzBV4k%2BQDEpM8sl2gToCqTuTnUwkw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
657885e5beb0640d-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame B36D 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuidSQUiguUpRb-4xTyk2oKmVLMmHf4eLOPUasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:26 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame B36D 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
324750
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-UwEVnjd7dR3HhxvLjp_sWRKJYH0caMiuu_CyivY0DOCPBFePnJOMgFk4q-EOhBvW8wM7HavdGsiweoV4l2mI3KykCijyg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
cf-request-id
0a5f3203980000640d729aa000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4Bt4UErH2uM81JN8goGwG15sXhG7lITMtq66NR3nPrmTIrA4w0uzwpE%2FknH4GWuWiAN14hd7d2C3C5cnQnNeNT2Bk8X%2FKvVz7a%2FT1DpwbeYc928sdNiVmodz3P0W6OUU6Z3Aaq4uwA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
657885e5beb1640d-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame B36D 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
580139
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85604
cf-request-id
0a5f3203980000640d57a0c000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QuEmi%2BnsLNWFAJpOID6xCi1MiqHLDK7OHQvOoqxJdcvQmox8EOo%2BaW44QxlkB7HuMFYccQoUm%2F%2BIg%2Ff5JdHHyvl%2Bei3gl4KMVMhZ2UQMr4H%2FaSDNlTZ%2F8%2F2CJPmc59h9VrwDiP3Z5A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
657885e5beb2640d-FRA
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame C2B4 		59 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
964118
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a5f32039b00002b71fcab8000000001
cf-ray
657885e5cc5e2b71-FRA
expires
Sun, 30 May 2021 15:06:26 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame C2B4 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
324446
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-Uwa0pHO7p2KwdWZ6A8ZHcFIkQUlgjPhsd8G8bqx4cWC-xpVXJrDEK-e_ZlHLKcIK4mqQ40q-IIwdNNX4JYmbgW8DGCfiw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
cf-request-id
0a5f32039c0000640d70353000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=W6Ez2DOWI8090RmvS%2FKnqOAPddovWv5PhvhEubsHrxfMr9Z6BvjO91%2BY6aI%2BoUJiQzu5HxAWHXegyQdlum2yE5H09ewjd%2BZgoQlICxHYR3M3df0by0nEs0Ph8Vt99iF4i20KCc%2FCFA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
657885e5ceb6640d-FRA
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame C2B4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
325650
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ABg5-UzGiRR4yimbWKfGJZpmBb7Y7HRFdwG_OsOerIJSuqRrvfrFIfTgIYrYfkjPNAsraqsGAdYkDRgmZq7_XAan-8Y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1598
cf-request-id
0a5f32039b0000640d53016000000001
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OSufbU1mvXhOAprXzBACjm%2FboqiscMUkw9hxhksdrJzk42W86HR9uDQIQwUjFcK%2BbVtYLQa90qMKywQPnV%2Fe2XsTxReS6G2bx3mrJr%2F9KQH5N7EF%2FKD%2Bs%2FjzKwDQjnkq%2BNBVJHcP0w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
657885e5ceb7640d-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame C2B4 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidDjeT3fwfbqPS3HmH9t1twAmF4tmTk8roneid__asuidYrCV5jYGCMPy2nR1e-H04eYY_fJRIUPwasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:26 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame C2B4 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
326957
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-UwWzV8Vi9wwWB9_t92BZ3hXsqxnGcNPAW0LaVCSpyGkAeICaRXs_LpZzjWYyirMRzo7C0cmfApc-NiuzLQfsg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39202
cf-request-id
0a5f32039c0000640d53b06000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2wTP3lDsrPr5AjNVYUVxeB%2FjaF9SXPCO%2BGzI67eJtJXJ8fgVVa68BDzdt8zo3MeyYDov8aeIVPiZHbHnaw2RXO8daJ5V%2BKHK9TkTZHPeG9ZejaPMSBXFVkWjGnvFQU%2F7uo3pXatGhg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
657885e5ceb8640d-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame C2B4 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
327603
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UwkjW7D1NIP-SGMO0-kZ76TtZfUKrCHcFefqvfPhPmPd2kUA2JGX59C6myv_SM-svP_Kdq_okuTD9MVCpFHug
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115268
cf-request-id
0a5f32039c0000640d692c7000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lzrLzNcXW1KJN2VGtDZU1YXwgk4CqD6bzLpt59XnJFCdgEmE0FP7RRlL8OkCmjuEkw9PdpthFikS3KOEd8B6FekVAXLrvp1cSWj0po%2B6XRdOHzLg3vVc0ibcAXigEDMNl7UP5dUcGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
657885e5ceb9640d-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame C2B4 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuidYrCV5jYGCMPy2nR1e-H04eYY_fJRIUPwasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:26 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame C2B4 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
324750
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-UwEVnjd7dR3HhxvLjp_sWRKJYH0caMiuu_CyivY0DOCPBFePnJOMgFk4q-EOhBvW8wM7HavdGsiweoV4l2mI3KykCijyg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
cf-request-id
0a5f32039d0000640d7a336000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XocyDnG%2BUpPUvaQ5SvIK74Nuz%2Bioo%2BYATj2yq0sBEmxf18ps51m0zZmwRyTGiSU1vnmb3YcsoKhsaHes0oVoyevmHrhAc64EVmnSTriU5mmODjDsfTG3ip8DgJTx2rLJbcVJfAjjAg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
657885e5ceba640d-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame C2B4 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Sun, 30 May 2021 14:06:26 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
580139
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85604
cf-request-id
0a5f32039e0000640d56890000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=N7SBvgDfFCnxSOdhmmNYjV9bvAnx77yU4PQgAHU5x434ja8m%2BvQEm4JphZ8YT%2FnvBPnqMZfY1gzmnNqcKfFSjeKmd92IcXPjzNusuWHA5mx6jo2CgUHMGxDQAaRnm%2BEqhkLPp2%2FaXg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Mon, 31 May 2021 14:06:26 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
657885e5cebb640d-FRA
cf-bgj
imgq:85,h2pri
u
b.t.tailtarget.com/ 		54 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
d21e4d902582eb3f4d9b5c49ea349a2d240f2075fc3853ce912590e7a990b8a8

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
link.html
track.webgains.com/ Frame B36D 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidSQUiguUpRb-4xTyk2oKmVLMmHf4eLOPUasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidSQUiguUpRb-4xTyk2oKmVLMmHf4eLOPUasuid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
37f6bd1d204309c066e74a69104e21f14ebd0e2b98e8a0fffcb54c00253ebc8f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:26 GMT
Last-Modified
Sun, 30 May 2021 14:06:26 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame DDDE 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuid4HO_MWgBSLV_A1wx1Z8FshdmfkD980wRasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuid4HO_MWgBSLV_A1wx1Z8FshdmfkD980wRasuid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
eb4ae3f9797114dc5c7057650a0c8e6832099263c3f5b227b10d53748d6f849c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:26 GMT
Last-Modified
Sun, 30 May 2021 14:06:26 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame C2B4 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidYrCV5jYGCMPy2nR1e-H04eYY_fJRIUPwasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidYrCV5jYGCMPy2nR1e-H04eYY_fJRIUPwasuid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
c1f69213528405947dfb640431c28fffb1e6228406adae7097077c0760d52a21

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:26 GMT
Last-Modified
Sun, 30 May 2021 14:06:26 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
pagead2.googlesyndication.com/bg/ Frame 61A4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A_FDV7LeaVqlTDL2qmVdouMMODA1wM6tcjTIBRf3dAs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 09:53:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
15176
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
expires
Mon, 30 May 2022 09:53:30 GMT
b
b.t.tailtarget.com/ 		92 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=3&tU=0100007FE29BB3608A068215022DE91F&tX=b.52&tZ=938981979
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
ea7d1fa2179a86727124a927345531fd0d658c71891b493cbb96504b8dffa70e

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
pvClk.min.js
analytics.webgains.io/ Frame B36D 		60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidSQUiguUpRb-4xTyk2oKmVLMmHf4eLOPUasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidSQUiguUpRb-4xTyk2oKmVLMmHf4eLOPUasuid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-60.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 16:04:04 GMT
via
1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
last-modified
Mon, 24 May 2021 16:27:08 GMT
server
AmazonS3
age
79693
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
61124
x-amz-cf-id
AJXmc-UcZ2r-rtXyXnMkGbDVoH4wr-glw7DWWDJ2f53FGSQeMjQOnQ==
hit
diapi.webgains.com/2.0/ Frame B36D 		79 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1_8udCp.13Cmr.S9RdPQSzOy_Aw7UTlf_01kKHoNvdjV.lV9dVlmNI_FeAiwAy32xFETlfe2Rc7L1eWNNW5BNlYiJ4uy.CMU&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221622383586%22%2C%22%22%2C%22%22%2C%22%22%2C%221777903586%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidSQUiguUpRb-4xTyk2oKmVLMmHf4eLOPUasuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=989564c44a9e43d6fb7c5688aa3e36aa&userIP=185.236.42.202&doAffectv=1&wgtime=1622383586
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidSQUiguUpRb-4xTyk2oKmVLMmHf4eLOPUasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidSQUiguUpRb-4xTyk2oKmVLMmHf4eLOPUasuid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 May 2021 14:06:26 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame B36D 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidWwEUrfdf6Z9hYH5HjtxtXmwf7twtJm4oneid__webplexmedia_advancedad_MOBILE_728x90&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=728&d=90&e=SQUiguUpRb-4xTyk2oKmVLMmHf4eLOPU&g=8f13a8b2169821ca47163350a3a68d0d%2F3504174143610097427&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D21mc06savqzdp52h3es6pks25acwh7nghw1skshkqkgp48sd8t0z023shmfq7rh9cbzwyvetf8pf82h9g8vskxyzg5276yt1ya2kaxmwbs3nav4zgw59115hda4evch9dng9h3zpnwqdjeqep2tdmjjc8z9fvvqh4trg63110edg7kfy24k5c0mtabn7rzwxgrkcyd6j3d6eh1hhm0bfqkf7b4s09da7vsg4zk11ktg2pzq0n3t87ty9yv1ka%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCOC_J3JuzYIDeM8yutwfjz7zoDJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS-AU_QVPHO0R-6Agbfca7pOIaQqwp0ucyPgfJefQwXUxNCrjOBA5B7B_m5tCZDqWOfp-Pf8SZcDUG05J6tyMJ7UGb3Vm2DJ7iWNtyZoBC6T7YFBRMXAhwDlmikBDDN-TkT3zSwNTbiPdRM5mlYYR2MebkzHpy8W8t93N8SKJLEZRP-LzicZ1Qg59ywucU5ohYpVpSCBjptgqNid7z7hQUXb0tOCzcGk6gIU4M68CS1PTHJsLolooGoIME6r3buCoWABpna0Pfr87L3gAGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3XqxBfZ0oDtxxcVxlREgdr2xe5Lg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:26 GMT
Last-Modified
Sun, 30 May 2021 14:06:26 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame DDDE 		60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuid4HO_MWgBSLV_A1wx1Z8FshdmfkD980wRasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuid4HO_MWgBSLV_A1wx1Z8FshdmfkD980wRasuid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-60.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 16:04:04 GMT
via
1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
last-modified
Mon, 24 May 2021 16:27:08 GMT
server
AmazonS3
age
79693
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
61124
x-amz-cf-id
aAb7TRJHTCJnNpn0Yk9iWW2mQSbsuK6S6DhqZh2k3UEX2l8GVYAU9w==
hit
diapi.webgains.com/2.0/ Frame DDDE 		79 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1_8udCp.0FA_i.uJtHoqvynx9MsFyxYM914Ve_clrKU.0Y.KI0YZkb9WJMSsMw76uVTxYMJ5tFFg4K1kl1BNlY6RcQpw.6tR&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221622383586%22%2C%22%22%2C%22%22%2C%22%22%2C%221777903586%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuid4HO_MWgBSLV_A1wx1Z8FshdmfkD980wRasuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=ad751b3b2440120c44bfb2a128e9f73e&userIP=185.236.42.202&doAffectv=1&wgtime=1622383586
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuid4HO_MWgBSLV_A1wx1Z8FshdmfkD980wRasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuid4HO_MWgBSLV_A1wx1Z8FshdmfkD980wRasuid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 May 2021 14:06:26 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame DDDE 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidBJEUgfPfmx4sxH6H3t9t6k9ubteTmgoneid__asuidogfs5IMGPKRx21Ho3DcwFJMAt042kH2hasuid__adf_Netmix_Reach13_DC&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=120&d=600&e=4HO_MWgBSLV_A1wx1Z8FshdmfkD980wR&g=b4922c321eed5a215f89ab9380083fc8%2F7435640478954958720&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22kbkatgpzedk2tn2c0vtr7j01k0mqvhtbezrq7k8ezv9mm0efm6k56gt9ty4ypdzznbxv2xkta1a0jz3g5wkwsthxskajmstzpet936d7bznndekt5yhh8mgx1m3ftz0e9dwypwvtpfr32xpz7eezazc53td9gj837kj03khqwm4qzc8snf38bcra4p2n2qf0nm7a7jrqkgzzgf0s9dnqjs3ey6nr5p7xack2z61btk8rz5dfgwyn2mgqbyr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCifEo3JuzYPqVK4rgtwep-LKQDZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QSws7DXs2WreIUCZteKgSF44m5OK_uDo20waHcX_o7Vp5SLrdXkQ1Gf77CTlIYhO-nILxiwT1dfPqeHHRpiNhO9vb7EN4oyYpto9LhknlwZuUaibdjKHWs3zToF-3RAxBcV9DpRc-eqNWYUj7L71jlb6sEhsvu5jlIPjvEzUt_IblHilX6WxuTWn6mQDp7PaYhC0UCOvgYL5A1ZI6eQV0bq2fJcwwMQfgcIniimi97crFc8vxVxhKfVgFo6v9gAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Oa1XeHkbsVL99_X6CSCCLaku-QQ%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:26 GMT
Last-Modified
Sun, 30 May 2021 14:06:26 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame C2B4 		60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidYrCV5jYGCMPy2nR1e-H04eYY_fJRIUPwasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidYrCV5jYGCMPy2nR1e-H04eYY_fJRIUPwasuid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-60.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 16:04:04 GMT
via
1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
last-modified
Mon, 24 May 2021 16:27:08 GMT
server
AmazonS3
age
79693
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
61124
x-amz-cf-id
sLHn8bP2uoB2ofS_4qqKnz_3w0TmNn1WJZA9sNRaf8laj7HJekE6Ug==
hit
diapi.webgains.com/2.0/ Frame C2B4 		79 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1_8udCp.07A_i.uJtHoqvynx9MsFyxYM914Ve_clrKU.0Y.KI0YZkb9WJMSsMw76uVTxYMJ5tFFg4K1kl1BNlY6RcApw..2h&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221622383586%22%2C%22%22%2C%22%22%2C%22%22%2C%221777903586%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidYrCV5jYGCMPy2nR1e-H04eYY_fJRIUPwasuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=ffa99bde19e37afa016a938b1ed1c50b&userIP=185.236.42.202&doAffectv=1&wgtime=1622383586
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidYrCV5jYGCMPy2nR1e-H04eYY_fJRIUPwasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidYrCV5jYGCMPy2nR1e-H04eYY_fJRIUPwasuid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 May 2021 14:06:26 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame C2B4 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid391Fpf4fgXEtzCrHAtEt9DmsMtztAMRoneid__asuid32fpY82dwFUao1IgQQR-49diLSSK1pHQasuid__webplexmedia_advancedad_MOBILE_728x90&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C24673&b=DjeT3fwfbqPS3HmH9t1twAmF4tmTk8r%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=dEQfEfkf4BEuEHjHwtqCKQjFKt4TGW4%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=300&d=250&e=YrCV5jYGCMPy2nR1e-H04eYY_fJRIUPw&g=cb7f87bc079225ad5892762fcea6ad0c%2F8092675033104944106&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D20qs479my66hag7gs9nxtjtr9pb3cnq0630y5jhza8cedmnx8qxsmfgah041eccdky52376x7545wk1v64jbevj6mx7ptqxpj2ck8zez7nyfjp0hbwdwxz6f4eghhqhyqsb56nt71danv5hr974aymx4pqpqf7ga4cdrbj114zde6v32jh2gnkrjm8axakkcdh10sjzcxk0m5fkbns38cfdjwyz6r9xvpex2k33fpg8t7p0yr2abbtfkmwqpt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCkfRO3ZuzYO7HC5CRtgeZ6L-wApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNjM3OTg1NDQyMDg1MTQ3NqABwq7o3QPIAQmpAtrap-B8dLQ-qAMBqgS_AU_QpWOl7ftq0wUEy4lPRY_USP3KfkOzPphA6c1Ar2ifNX9IOpJs7iZIxcGDfRrTovqGSST-WSPkSqmNzBBfiNtJE6zbR4Dhk7W7vdLb-so6V3pkm7a1iXDIsUnU96ZWMgEaQfI1v6JQgrwLHVVRkEyJanknLDMa4qJW9dXGAOxJeiWDYDinocoo9b50BPBf7jmvGsU8bnBrTsAmRp29Mzrx77Ok7GxvzYjfBFrUx6Ov1VNpu5N2pp7mSpa5xeSugAa4vcSTyJTXop8BoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38MrgpqGI6pabiMQ_TzIU6O_cROg%2526client%253Dca-pub-6379854420851476%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 May 2021 14:06:26 GMT
Last-Modified
Sun, 30 May 2021 14:06:26 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210524&jk=488355705424272&bg=!jY6ljsrNAAaMan2LjGo7ACkAdvg8WhZ04z4abGoT0ujIct4vEW8oepMZ8ZmS6R4BVLV1eocwsK-skAIAAADJUgAAABVoAQcKAQYEl32HthO6TPqtclnZL_KUhouepG6zSrUakJFH_d_Xs9LxQOX5Q0g63qtdJGniZQWm4W0L6LdyS2sHxrS2IdJrDYUfdXwysnGF1uhhegeaXxI0JjqFYYIMrlary3p3HLMMPVgCaXCkrPwSNN9DB2H5IfmRM0tmFHvgI2sPskg_yHC4oqJx0Td3kLu4XafuQbItxTjzGVV9AAOwMQuLw4fXf8vUF2KAGc3MGowP5t013btEkDGamIBUbSMIuvXMnshFesZO8px7BQupmcBdVvlqyxjfMWbslF4mVZaEu9ZmKHsgTSbzc86VNMQyf0a7OrXSVyJMhMA2zR1WYTqMtIOmy1TRGDDamQJEDdWT1j_RkEqD2EsjEw1arRv5vsif6jkVzneuH5i4lnsYMJ2aeTbS4R8NZ-4jRK5Q5s08joEkjdyedEPKQf1mUc9dXJoZ4eeZF_BOjKIuwE5DEwz72djHOVynor6QHI_Hc2zDEV5S7eobzJd1XuH5itLGXZlT9fdDdUgrAwEt8J-XLdjU1RiKEc1bqp9OwngwQJbFiew7O5vusT-koZoas_70h01Tj4xU-8_anh8z17nG07dZmL_iGvpnQjWI0N07pIKGiKl-FBvDG8uuCC8fOVnAW9FelU7lWAwZ9ov3mqgFjU1UH8jxV5qqJH0UkTyfV0hVJ57OO_20w4xOuMxKPzkiEJd2lzb9q18sdV15jNpk9LMMbZtWH_fxgLjiw8b8V2FzSvBNmN25NbYgB31M6njLISng6l1d-FPzS5r8DGVHrasTbyUoJA_cGxWL1b04lDRdyQHXURKEA8Pm-NQT-k1S5NirfBS3z56CM1YAXV58z5fEz0eQnDVKWGZtuGWE9YxJuitCqG4_Nb3tm6TywEz22Gk3dtsP6bjIKb1ZPMCiQmoHUoQnla6MtFHuTMRmVLtYRhyvBtabHMsBr7hNxb7hkAVTmwOM5-40gUy7xx3kbLit7aVDJIpAVWJERCfQ4VLBY439tZaLWHJaArg5FP42WA4UseOlldHVNwqGprearWGLfFVgTYFlD1RajM1LmV_cenFMqZ3D4eMlaNymdkF8fOiAjU79KNXUPKBgDaMUXju9IpdBG8xbs-wq5jjoxWe03w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
tt-9964-3.seg.t.tailtarget.com/ 		83 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=999000927
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
254ff444aad55a425fdb1aa6a68ea03e0405d96fb3bd7f1a0a8b054223dc0598

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
fp_decode.html
track.webgains.com/ Frame B36D 		63 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1_8udCp0pIpiLs2dI_AIQjvEodUW2vqCRc7L1eLY6SCw.5B0KB5DI1Re4GSrWUkVUe0vqCSFQ_01kKJA237lY5BSmVjMk.0ls
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 May 2021 14:06:26 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
fp_decode.html
track.webgains.com/ Frame C2B4 		63 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1_8udCp0pBetQVD_DJhCizgzH_y3EjNpmVWN9dPBSmrk.Nk4JkNtB8mcK4rT4z10yc6jNpp0iJ3A0KFgBFY5BNlr91xU..8TE
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 May 2021 14:06:27 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
tr
www.facebook.com/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 30 May 2021 14:06:26 GMT
doubleclick
cm.t.tailtarget.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
  • https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm=&google_ula=862479430&google_tc=
  • https://cm.t.tailtarget.com/doubleclick?google_gid=CAESECo6u0ImKK_L0KP53bCNprQ&google_cver=1&google_ula=862479430,0
70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESECo6u0ImKK_L0KP53bCNprQ&google_cver=1&google_ula=862479430,0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:27 GMT
via
1.1 google
server
nginx/1.17.8
content-type
image/png
cache-control
no-cache
content-disposition
inline
alt-svc
clear
content-length
70

Redirect headers

pragma
no-cache
date
Sun, 30 May 2021 14:06:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESECo6u0ImKK_L0KP53bCNprQ&google_cver=1&google_ula=862479430,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
320
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fp_decode.html
track.webgains.com/ Frame DDDE 		63 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=c0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1_8udCp0pug4i.uJtHoqvynx9MsFyxYM914Ve_clrNk.Nk4JkNtB8mcK4rT4z10yc6jNpp0iJ3A0KFgBFY5BNlr95xU..A1h
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 May 2021 14:06:27 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
action
www5.smartadserver.com/track/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www5.smartadserver.com/track/action?sid=1622383585902&pid=541023&iid=10198480&cid=26812394&key=viewcount&ts=1622383585902
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.165 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:26 GMT
transfer-encoding
chunked
content-type
image/gif
__tt.gif
t.tailtarget.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=___se_1622383586539_3119262410&tJ=CA15795,CA15771,CA17813&tQ=par-correiodopovo,r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007FE29BB3608A068215022DE91F&tX=b.52&tY=1&tZ=989296679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.correiodopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:27 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-type
image/gif
alt-svc
clear
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 30 May 2021 14:06:27 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame B36D 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 May 2021 14:06:28 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.19
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame B36D 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-60.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:01:51 GMT
via
1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
3877
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
Uisydz80y88FZWDXc7Bow2q9YK06qzezttOJuEwqQE6eyUOn1mUyzg==
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 30 May 2021 14:06:27 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame C2B4 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 May 2021 14:06:28 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.19
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame C2B4 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-60.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:01:51 GMT
via
1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
3877
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
RthFHH6HV2o55A9oqWSTcKS-EOuBSORJukq_O-ezcUTPfKolRTqjRQ==
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 30 May 2021 14:06:27 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame DDDE 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.127.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 May 2021 14:06:28 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.19
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame DDDE 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-60.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 13:01:51 GMT
via
1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
3877
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
mpAwSIQam9aZHAdGC4srmNyPQKU2uVYcDmXU6nVPGDGmPyRQMwIDWA==
tag
w-it.m-t.io/ Frame B36D 		18 B
121 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1622383587830
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:27 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
922419a484ae32414b0afc2e3cd3adc2
cache-control
private
content-length
38
tag
w-it.m-t.io/ Frame C2B4 		18 B
121 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1622383587835
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:27 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
66ac3ca4781c22470a33e0f405255b1e
cache-control
private
content-length
38
tag
w-it.m-t.io/ Frame DDDE 		18 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1622383587839
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 14:06:27 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
0c9ec0cd819a3e564a856ef71bf06de1
cache-control
private
content-length
38
track
w-it.m-t.io/ Frame B36D 		0
72 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16223835864369_705d289c8e&programId=12607&expiry=1777903586&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
7a4ef9643c2746128a0fe3144f8af3c9
server
Google Frontend
date
Sun, 30 May 2021 14:06:27 GMT
content-length
0
content-type
application/javascript;charset=utf-8
track
w-it.m-t.io/ Frame DDDE 		0
72 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16223835864436_a103e57ae2&programId=12607&expiry=1777903586&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
b25af738b1e8324e6021325a63c2cf9a
server
Google Frontend
date
Sun, 30 May 2021 14:06:27 GMT
content-length
0
content-type
application/javascript;charset=utf-8
track
w-it.m-t.io/ Frame C2B4 		0
72 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16223835864601_34e895587a&programId=12607&expiry=1777903586&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
ead289fc0445c78955f6ac34416fca00
server
Google Frontend
date
Sun, 30 May 2021 14:06:27 GMT
content-length
0
content-type
application/javascript;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
um.wbtrk.net
URL
https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEAWmSC3PreHnKN5LLnEZMKc&google_cver=1&google_push=AQvitUJYB8Ce35kFBoRQn3LA01szMC96LHeTDUtNQ58VJL8BnD5am-jPeIq8qvAqitpRi2i-9ULLvf4KlQ2OTWkYckxtZ5t32Es
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESENDTnEbvTP5t93cMl1OYORE&google_cver=1&google_push=AQvitUJ0puViyfdBs1vHMbj-zu0rp15iMHpu6f168GuXjDDe60MUFTAISZhnjhq81fPKabNcaGp7hRfmR5Gp2GGdpjK2JwAUMl6o

Verdicts & Comments Add Verdict or Comment

501 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| adsbygoogle object| sas function| soclInit string| o object| a object| b function| Navegg object| naveggReady object| nvg23925 string| NVG_qry string| sas_target function| fbq function| _fbq object| gaDevIds function| ga object| gaplugins function| $ function| jQuery object| __s object| instgrm object| polopoly object| googletag object| ggeac object| google_js_reporting_queue object| tempwin string| wsHost object| s object| x object| _comscore object| _qevents function| e function| h object| win number| __WS_BOOT object| _taboola object| _newsroom number| leitorsuperbannermeio string| tagm string| tagsmart number| dnkp object| denakoptag object| regeneratorRuntime boolean| r7BarraLoaded function| SortColBloPod string| txtf string| txt object| objf object| obj string| output string| y number| google_srt object| google_logging_queue object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| dkpbjs object| google_tag_manager object| socl_BlackList object| socl_BlackListDNS function| localStorageDB function| uuid object| appConfig function| getCORS function| postCORS function| postJsonCORS function| putCORS function| deleteCORS object| soclPerfCounter object| soclCookie object| soclHelper object| soclError object| soclTracking object| soclConnect object| soclBounce object| firebaseMessaging object| soclPush object| soclOnsiteSales object| soclOnSite object| soclPushEngineAlfajor object| socl string| apiUrl string| wonkaUrl object| soclPorthole function| soclOuibounce object| soclOrganic object| soclBase32 string| google_user_agent_client_hint function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| _ttprofiles number| blockedPercentForAddtlConsent number| numberBetweenZeroAndOne boolean| isBlockingAddtlConsent boolean| sas_blockAddtlConsent object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| pbjs object| iall number| PREBID_TIMEOUT function| udm_ object| ns_p object| COMSCORE function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| dkpbjsChunk object| _pbjsGlobals object| TRC object| _tblConsole string| pm_pgtp undefined| msg string| c object| gapi object| ___jsl string| pubcidCookie object| google_tag_data object| change_video_button object| tag object| firstScriptTag object| player function| onYouTubeIframeAPIReady function| onPlayerReady boolean| done function| onPlayerStateChange function| changeVideo number| newsroomStartsLoadingTime object| tbNewsroom string| version function| TTProfilesBase function| ttProfilesBaseE object| _ttsHolder function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| pbjsChunk function| JSEncrypt object| ADAGIO object| invibes object| Criteo object| osapi object| gapix object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| preloadImages object| __wsconf function| ws_fpVal object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| truvidScript object| currentScript boolean| IS_VISITOR boolean| IS_CUSTOMER boolean| IS_FREEMIUM object| jQuery111007322942544130415 function| Imager object| currentUser object| persona function| autosize function| videojs function| _V_ object| socialauth string| fotoramaVersion object| Atex function| initInfiniteScroll number| tocandovideo function| openNav function| closeNav number| counter function| retira_acentos function| Share object| $allVideos object| $allvideocapa object| $allVideosarticle object| $allVideosarticlefacebook object| $alltwitterlive object| $allliveblog object| $fluidEl number| atualizacapa function| IntScrollInfinito object| $playercapa function| googleSignInCallback function| FBstatusChangeCallback function| FBcheckLoginState function| fbAsyncInit object| imager number| taboola_view_id function| r7JsonpCallbackFooter string| key string| GoogleAnalyticsObject object| dinConfigs string| dinVERSION object| dinFunctions object| dinTargetForm object| dinWhatsForm object| dinSearchForm object| dinLogger object| dinLeadTracker string| _dPosclickSite object| dinPosclick function| _getdPosclickQueryParams function| _setdPosclickCookie function| _getdPosclickCookie function| _dAutomationGtmRegisterAccess function| _dAutomationGtmAddTimer function| _dAutomationGtmCloseTimer function| _dAutomationGtmAccess object| dinForms function| dinLoadFunction object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| FB object| __twttrll object| twttr object| __twttr boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| TTTagManager function| TTTagManagerError object| _ttq object| s0 object| s1 object| s2 object| s3 object| placementData boolean| truvid_cb_2778661053255069_loaded function| loadJSFile object| gaData function| Viewability function| Banner object| newObj10108470 object| googleapis object| swfobject function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg boolean| _tb_vd_pg object| newObj10142324 object| newObj9041896 object| _tfa string| nam object| sas_snippets object| newObj10203339 string| IbtRealTimeSJType function| loadOrtcFactory function| OrtcFactory function| OrtcError function| ortcIsValidUrl function| ortcIsValidInput function| ortcIsValidBoolean function| ortcIsFunction function| ortcIsString function| ortcIsArray function| ortcStrToArray function| IbtRealTimeSJ function| SockJS function| adBlockDetected function| createModal function| adBlockNotDetected function| isNewDailyVisitor function| createBlockingCookie function| deleteBlockingCookie function| blockingCookieExists function| logBlockedEvent function| logUnblockedEvent function| setCookie function| getCookie function| sendToLog function| BlockAdBlock object| blockAdBlock function| EventEmitter object| __WSAPI boolean| __WSLoaded number| connectionMetadataMaxSize object| ws_zones object| newObj9122889 object| newObj10188657 object| newObj9122927 object| newObj9122920 string| SOCKET_SERVER object| brWidgetInit object| truvid_protected function| playerLog object| trv_players object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| criteo_pubtag object| criteo_pubtag_prebid_108 object| Criteo_prebid_108 object| newObj10198480 string| n string| nq object| cmds object| _ttconversion object| ttcNamespace object| GoogleGcLKhOms object| tbopt string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| TTBase function| ttBaseE object| _ttqHolder object| google_image_requests

4 Cookies

Domain/Path Name / Value
www.correiodopovo.com.br/ Name: ___ws_d_st
Value: {}
.doubleclick.net/ Name: IDE
Value: AHWqTUlGX6KTs8D1O2Ga_skMkAbPEVcz3HbfIda-vcN7H4uOkfO3epsIzCHJWl0gc9E
.doubleclick.net/ Name: DSID
Value: NO_DATA
www.correiodopovo.com.br/ Name: dinTrafficSource
Value: eyJ1cmwiOiJodHRwczovL3d3dy5jb3JyZWlvZG9wb3ZvLmNvbS5ici8iLCJyZWZlcmVyIjoiIn0=

22 Console Messages

Source Level URL
Text
console-api error URL: https://www.correiodopovo.com.br/(Line 82)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 22)
Message:
No Prebid Auction [object Object]
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 31545
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 31546
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 55382
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 31547
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 53988
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 43190
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 59524
console-api error URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0(Line 822)
Message:
Callback function named "googleSignInCallback" not found
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 68987
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 14)
Message:
[runAuctions] 75721
console-api log URL: https://www.correiodopovo.com.br/(Line 7035)
Message:
1
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 22)
Message:
No Prebid Auction [object Object]
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 22)
Message:
No Prebid Auction [object Object]
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 28)
Message:
No Ad: sas_38077
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 28)
Message:
No Ad: sas_31549
console-api log URL: https://www.correiodopovo.com.br/(Line 7617)
Message:
atexFbInit complete; FB Object is Available
console-api log URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js(Line 28)
Message:
No Ad: sas_75721
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a.tribalfusion.com
accounts.google.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ad4mat.net
ads.betweendigital.com
adservice.google.com
adservice.google.de
adservice.google.se
ajax.googleapis.com
analytics-wg.webgains.io
analytics.webgains.io
ap.lijit.com
api.webgains.io
apis.google.com
as.ad4m.at
assets.ad4m.at
b.t.tailtarget.com
barra.r7.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bttrack.com
c2.taboola.com
c2shb.ssp.yahoo.com
cdn.datatables.net
cdn.jsdelivr.net
cdn.taboola.com
cdn.webspectator.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
ced-ns.sascdn.com
ced.sascdn.com
cm.g.doubleclick.net
cm.t.tailtarget.com
cms-media-api.r7.com
connect.facebook.net
correiodopovo.com.br
creatives.sascdn.com
d.t.tailtarget.com
d.tailtarget.com
da889b50fd4e87334aa23b1099e33b7c.safeframe.googlesyndication.com
data.ad-score.com
dclk-match.dotomi.com
diapi.webgains.com
digital2.correiodopovo.com.br
dis.criteo.com
dsp.adfarm1.adition.com
e1.emxdgt.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
go.trvdp.com
google2waycm.netmng.com
googleads.g.doubleclick.net
gum.criteo.com
i.ytimg.com
ib.adnxs.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
img.r7.com
jadserve.postrelease.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
match.taboola.com
msgws.webspectator.com
nr-events.taboola.com
p.trvdp.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.instagram.com
platform.twitter.com
plugins.soclminer.com.br
pm.w55c.net
portal.correiodopovo.com.br
pr-bh.ybp.yahoo.com
prebid-us.creativecdn.com
prod-rtb.ad4mat.net
px.ads.linkedin.com
r.turn.com
receiver.posclick.dinamize.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.ad.smaato.net
s.c.appier.net
s.tribalfusion.com
s.trvdp.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
snippets.r7.com
ssbsync.smartadserver.com
ssl.gstatic.com
ssp.adriver.ru
static-de.ad4mat.net
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
stg.truvidplayer.com
sync-t1.taboola.com
sync.taboola.com
syndication.twitter.com
t.tailtarget.com
t1.taboola.com
t2.taboola.com
t3.taboola.com
t4.taboola.com
t5.taboola.com
t6.taboola.com
t7.taboola.com
t8.taboola.com
tag.navdmp.com
tagmanager.smartadserver.com
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
track.webgains.com
tracking.m6r.eu
trc-events.taboola.com
trc.taboola.com
tt-9964-3.seg.t.tailtarget.com
u.openx.net
um.simpli.fi
um.wbtrk.net
ups.analytics.yahoo.com
v3.denakop.com
vacina.saude.rs.gov.br
vid870.trvdp.com
w-it.m-t.io
webservices.webspectator.com
wfpscripts.webspectator.com
widget.perfectmarket.com
www.awin1.com
www.correiodopovo.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.youtube.com
www5.smartadserver.com
x.bidswitch.net
yt3.ggpht.com
google2waycm.netmng.com
pixel.tapad.com
um.wbtrk.net
104.111.230.142
104.111.237.88
104.111.239.217
104.244.42.136
13.226.159.116
13.226.159.129
13.226.159.60
13.248.242.197
130.211.115.4
139.162.117.143
141.226.124.194
141.226.124.198
141.226.124.202
141.226.124.204
141.226.124.210
141.226.124.225
141.226.124.236
141.226.124.240
141.226.224.32
141.226.228.48
142.250.181.226
142.250.185.162
142.250.186.38
143.204.98.31
151.101.193.181
159.253.128.188
159.65.196.12
174.137.133.49
178.250.0.163
178.250.0.165
18.156.0.31
18.156.12.32
18.158.174.89
18.193.131.224
18.194.4.26
18.195.155.181
185.184.10.30
185.33.221.88
185.64.190.78
185.64.190.80
185.86.138.131
185.86.138.143
188.42.191.196
189.16.116.12
192.132.33.46
194.126.175.195
198.148.27.139
199.187.193.165
199.232.137.44
2.16.186.105
2.16.186.113
2.18.232.111
2.19.35.65
200.198.173.170
2001:678:cb4:bbbb::11
213.254.244.23
216.52.2.39
2600:1901:0:76b9::
2600:9000:2156:4200:16:9bc3:4a80:93a1
2600:9000:2156:f800:d:3c0f:bcc0:93a1
2600:9000:2182:b600:3:7e1c:5b40:93a1
2600:9000:2182:de00:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:335d
2606:4700:10::6816:5a5
2606:4700:20::681a:bd1
2606:4700:20::ac43:450e
2606:4700:20::ac43:4a81
2606:4700:3032::6815:57ae
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6810:ff3
2606:4700::6812:c05
2620:116:800d:21:51e4:db4b:4436:b305
2620:119:50e1:101::6cae:b25
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:802::200a
2a00:1450:4001:803::2001
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200d
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2008
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2013
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::2016
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9c
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00::210:ba29
2a02:fa8:8806:12::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
2a04:4e42:1b::621
2a04:4e42:3::621
2a04:4e42:600::300
3.120.52.76
3.23.208.81
3.232.160.141
34.102.185.99
34.192.67.210
34.234.139.177
34.252.41.130
34.98.64.218
35.156.106.231
35.157.246.167
35.186.193.173
35.201.123.184
46.236.13.147
52.1.252.251
52.203.172.63
52.58.117.74
52.58.206.142
54.73.127.151
54.89.32.238
66.155.71.25
69.173.144.165
81.222.128.216
81.29.72.47
85.114.159.118
00fed2da5781a8401ff55ba3fd96b6f29e17c802c7636c1be141a7705cd7ee48
02da92e0423eb89630188f863e4f3b43c519506bfe020ac4938c8183c43c48fc
03409cd7411458e049326fd43e6781ab4776e36c168e56d16c5e20807565399f
03d6cb7a87615f1c3c62371ed111f5c46e74ea2c1e9ae66c776d9aecc33acec2
03f14357b2de695aa54c32f6aa655da2e30c383035c0cead7234c80517f7740b
06312eaf6212c106b7eb9c622c7023c9a0991b83a098b666ca0ca40efc503a2b
064c8e686adbe696ff37163795f9c21c79cc74dd187981ed23b9169a3eb4cbb0
06c06ca6fd1c64b54fe0e5d08246bab6376fa4888d7e70086c54e2107c72483c
06d5135164cf7ce56902eefb2a0e6489574b843dccf3675b26dbef2eadb6da0e
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09af7955961150723ea0355355a643022c613bb71c8e1da8fd6c28703c6da88c
0a5cfbf045af61b12e14293d0f7bec876e592d4d6ada400c3701d2c42fbe498e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cfd7a9f5b0e61c7667f3a157f90e0f4d7b8b0f8f4bee90d224899140030cda0
0ea7a5cf34e2d3962b8bed59055411f4fe67aa93f24317f31620d48898145dd8
0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01
0f2aa0b48a55e5bada7d08c3a536a9c3d33cf0b4a6cd600a9b3a9aa743dd9ff1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1184674c137c8212dcc1bf6763a147d317e94e4b004bfab579121116d3223ebf
13525031ba4cbb31fad3d6255f815a1f5652b853db2cb353c3dd113f77511cb1
13ccb9daf82a23a5a1c8b7fbcd074b720fa6bb5144ab2a95d17ab6fc83a2f913
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
14cc03bc3cb62a25bc65bb84d6a79e30a8e18abfdd395ecc9000861ee45443dd
1522e3c015d201d5754016ab5fe55a980dec1b7c2f0e631cd08fcca92f4ad771
1533a0437bab2af5169ff33ed8f37ebb2791793bb3e7001bbd6452a8db798216
154d007e55175b36c38a1058f3d5c8a91c6eab77fd0b3526cc951fde4db74d0c
168850c920ff331bd5d294b1a84972f74fa847bc89fd7a2d70b5e1480d2728c2
169e713c2496498336d93532630b4b80fdb9db45d0a090624d155a5c7853371e
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
17e0da2800a542eb7cee178c202ea84e101132e5a77bcf96cf12034fb8d7b8f0
17f51b6b7becd307827ebd7e0184f13419a7df47827d58f758d958534ef32c58
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c87d635507565f16cae963e310d041099274a6788a409f49ca7dcb1fd5d0bb
1a979b394322a2357da9e695cf368fb89a9356aa593bf50d6f783aae08bdd5ae
1b084d429d350edc68e28a4b0f291b97bfcc1a8ae416b5c16cf8b0d11e1e59fd
1cc57087554d40537da73384e49c47576e8711e6f08f4c533507429d2126f334
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
1f08d457c44a44d90b81e91529bb790b7e4be6fffee8fb7897d15a99d32ac166
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
23065ac50fbf4fe67ecd0005b53442c0fd7f35c15f60c0504a7b806f3907ec4b
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
2450475d377d43989a135a393b7eb9bb31daf1e7dca01a27b854497c46f2adf3
247dd94769bee5c85d3c04cf663c1f14320f0173fa82a9843cb034aaa117efb6
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
254ff444aad55a425fdb1aa6a68ea03e0405d96fb3bd7f1a0a8b054223dc0598
25678f774852d560199826a6b58ee56d79b39cdb853476c81c88af9e692d5f3b
25c03f21a884c7d46a0cc9f2c86844d2eaaa1fa8dac6c96806bbf7703437cd57
2652d95076e8367afbd56698c41ada9ec8130aa91724896701504f5f4b847063
26ca00b9a3c859f4afd47df6036e8fc4dc11ede3eabc53ac36d1539c1eb8b89a
2709dcd48925c938d98757dd3cbc7708d9f49eb46212174d7954a68ff66390e2
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
27b9c3dfc13ae75a252f4a4b373d78fc5847fb6d43f7ace203a336ad09ee04c8
27ecc7acc0fa67739b96ed12555be77a79eac5e0798fc54372e560603cf25d66
292dcebbeba9c882fde44e8421d8ccb3eb1d69a74291d0e2aa5a02407a79a1d5
29fc8c47a94d2164aa2cbedd171d0975dc9d2ba60921e36eb580467f0a68af13
2ab51899c4c7bd902e2a2343d1d368b37d39a02e75c0f941154d35f86ffb3cd2
2b87ad2e3dbfb1efc89a89bc0da9f724824d1612ae8db8bf7e47dd337fdc7151
2b9e250a908b25e99340a8adc9a4756ff2b894990e47b7cf6229b46ba88f1496
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861
2f18363fdebecf3ebd553e917a0048fd4644f33250cb98a12be9cf4597ea3919
2f42b3a57c656fe308f398180a400f6b7f687e8396b9e1adabd83e67e7143968
3277d89c9ed0fce41b518b0320f0580cd28898d6e95558554551dda824ab7a1a
33ad00399ba4311dea26db7017ae94931d5243a4d35df09aaf59c2d40c73a874
34e7f14f851cc76f658c5fc0673759576b14e57659145f186d037306c340b7f8
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
37f6bd1d204309c066e74a69104e21f14ebd0e2b98e8a0fffcb54c00253ebc8f
38925d240f4b29b4c9fa9607af4efac53ada2ed1659acdf69262934abb6223a2
38c8cf532fa433d258c72dc8b5df1c1497720980a953c1072ec8538006fe79df
3923e7c182008b2e667b295342b146adace165e25a8993e73e8688288968ac1f
3c550cc6106b84782b282835ee72face4e1d2e527a895493d5aa0a47359fe63b
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
3deb4de030b04672efd89912ec81df3a7254e7e062e9600debe5c92edd6c77b6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4cf41484e16a8e99ea65620ecac036df5d23dc0b60adfa7ced3f7793f26f72
3fbf7c3785635c11806b2ed111106a8a570f83cafa2a642226510bca6ef4c47b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401c305a433d8f0ec7bcad2bf9acd9637e04aa91fe02d5c6ee4ffefafc8fd206
406fc2ecaa46e7c318d304cadec8b18681d750884c0e1ea0e42f9fcd4f37932a
40f2b6e9b169afed3838d9ac668af7378d77ec312ca2a1f2532eb10a6263ab70
423ae58602522fab7a5f245fa6f8a214da4a76f0a8d8a6b1f809a5ef6dd75b86
425986da2e02da8b34033595c0bc8208f07136653cae6b24393ee50bd35b8415
42fc70955f09c40a96eb48b58d9f6e088a33b41ce5e925906b3c6eaae32e90c2
43b8924e1838709ed3c11df6d5de135cf72acbc72d0628f5299964dd3ba24aab
441e54b1dba4df6b3fc07406d82f1e6069bb799c4c42f7296bf1830717c1aae7
4526ecd5b2344a650015b1c50907d28ae0aca92516dec9a9be497d1c0f9df8cd
45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966
466acd3ef2156a1e8d6d03e52cce266d34fc3bcc6935dfaacd538ec88c0b198d
46fd479ffb31457f997272daabf4e1791a0f0814c2127888ef6ecd526d37d00b
4754d63697b4929293d4a37bca2a1707a35ef626f343a9c480d8b6abca03c1cf
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
48383e5afdcb0c170f0a020a9ce7267962745588e7b64620d1a901c751012774
489f68fbabbda7aef5b332609440295a01305b3c967e1fd039f94d091388a766
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492253d2d2da0bebbef019e63d904ddb0b096f5a037c781a7cfda22c2332f692
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
49582fd71fd13d10cd0d8071d8ddbf9abc5f5292e5f2bf83ff4028cd99dc16ea
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a233fdc512c16069e544a929f5289021f796b2e9c439fd8fd867ab01c9ae6eb
4a41ff0abda9ec33155bf0ed4b89299f5f1d2c5900316ca1ac1bd4e01dbf7ae3
4bbc9cabb74840a85dbdb6dc7dd227f1a7745600b530cd305c1bdcd66165f267
4c051a904ed3bc243e02450daa9e52e53f378348f4e3e997c8c94134b1553484
4cc755a99349527933df50f5338a02d972da947a4c25f4a5309f4545ddc40ee1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e369635987f4ee1f4bad20a4c30a6eeb4fc2afe3f185fa9f6a8ecb2c5131457
4f90beb9c5ce266d97c88013d263ba85320e90d5fc6f3ab016d42aafd330d70e
4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68
4ff1150e4f3a0813c75efb1677bedc705606aa470ba04442d07cd95156eb41d0
508fba79123a7eca704546da35ebb132e46337686b8a5a67c4211e0a16e28e8e
52c6021ddc04c53bbd71907e42070e90dcd4093c1e5ebe5c35f465000b4894f6
53cc33c85119a8602d91e4e4d01ccb630d85ac42c1c0ea156744d3f75aba1358
542771a9d4f62d0eece099fb46cb340d97c637ccb1c3af7c202d6a5bb0e48ca9
544fed9092e26545359b1586b76bcca554329ecfc5f204beaf06bfa4fa6fd2fa
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
5650acd82e1b95792dcaecd60560958b521642b140f79eddc1c63ae8873409d2
56f2a1bd4b602a28ea69fde2910ce59d2c41449c6ed1cef157066db214489133
57214cdcf15665a435ed82c94b38f24c078b11949eb3a706ad8ae67a3318be5a
58a2da1badb87d8a8f138ad06f31a8c9b67f791738cfa1ae755fe4f054061a9e
58bbcfe2bbcaf517a2d56e6e0a932582d638739d2f9fcd04d617bd8c389b9aec
593c7304278474fa6e76b1311e99a4a98766da62a4d22af102cfb79bb010f6e5
595b403da260ce0bca3c5c65929755b33f32e3cfc402863713273dbf4782b9a1
59758d6213ae16ffc0498f7ec1747b84047dd0cc9ff2c1da7aeb66b47f9bda5c
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
59eeb2016f8917917123482aa490fd828f9e88de1fd8f1f7b9598817ea431a34
5b3373d26e094f2aa6c1c6093de6870d8df1c1412389eaee206bd38f3c5ff81d
5b8e349fe54136e445a39b530704cf05270fb20a6c144ea0267bd8176eb3698b
5ba8490cc60fe0c0371c0acd84716072305214b84aa2959bd231c6cbc30c004d
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe
5e89f9845fc2a935c837dcd7089a59af09cde8ffdbf1866dfff621152fc74690
5e9053378edea86a34d5c4cbe3c55b92694ff648e79930224b842a730de76189
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5f86eaa44bebd90324fd49d796ef010ec39f6af364018066d4e2ace0bab956fe
600ff561432bee59a33c280363a5581abc236781c2f29d56d04a8588d9546359
607a6a5706bbca51e1eb64a7d83783362e92d1ffcd2e91116e778d2d7fe6424b
60b100d1ecb1610c2e3e15e322549a5b0902d5b611bea2dd2369159566efe5d5
6152bfeecad2d29b475f5c67e4e649551203ff8fe5aa99112964bdac59f138f8
61baec055a03b6a73f810f541d1908f3e094a4867e0f4beb13a2ccf40fe25787
622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d
624b60c58c9d8bfb6ff1886c2fd605d2adeb6ea4da576068201b6c6958ce93f4
62e8401c97fb76307bac29e33631c8775c9b9e15d7506ca0bda87fff66452420
64872f9d07c6c4a91d9e1febf7e3908b8637c88e31e409786a34a616ff8a7d27
65929976a7474811485e91671303abba0e9073934a7712e9426cfc0996bb21f2
65b19a5808c1a1d2593655c2b3c39ea52db2d0daa2a7cb3fbad3c2f71bef370b
65b902c64261cb352f2ee7f0c06de82d636f5e2a026fac7894e8cc505ccc7624
66623b0935ee7dfbc98fcace56472beb123f03c695a443c8793ae1d0f9c22b3b
66eb27bc477627e82635f4fe9daa8d223e0415566e085ff2a5f238b4455dda8f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
6856c5a3a26b5a3f2ead70ca56870769d1fee88f9c457f4360812f2203565824
68a2dd980b4129eb4b52d803dcd12b960fa872dbee8fa53d40a8b1bce1ab162c
69feeb133046fd550269bb9754aae68436ae429b6cb5e5ae7f5e11fa7d4ed7f4
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b51d431df5d7f141cbececcf79edf3dd861c3b4069f0b11661a3eefacbba918
6b734e590bddfdf21347ee10542429341b1c47f7d1afafeac1b6988cbf59cc3f
6bb3c7d3cd8b6ae6301a23cafa2167ed0fe548f5dc0826af8643c16844333c2e
6c3baac1987f8ea44ed14204bedd2a588a8480e33a1162df639433fa32c3ec43
6c42320bb5d776dd387b759a6c35d206cb7ff46aad01a54f3e0aad7bfd857945
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6cd2df3d9315f215316ec08d7fe62c380aa3617e04bf459924e12b5f2e263c7a
6e7d6826010c47f64438945a78cec8f26c51ab8981451c0fae14edd66b0b746a
6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9
6f4b6612125fb3a0daecd2799dfd6c9c299424fd920f9b308110a2c1fbd8f443
6fe2709db54fb3d3dc405af9a6dc0ba3f8b0a9c48bcd65866c971fa908e87965
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
70905ec0831335dacef8392d3de9e92fe4d5bb6f3df2c68d3415f029efbff40b
715f82f2ac5561a972188c3804b08b134a02ad4536b139ec8af1d010f90efa9f
71830960105bee09642f0419c8a01df0510b405f40691d76a58e9854f5d8ea50
72aed1997751de7e8f28a344f8313a83b283266bde77975b198cdac981075dda
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74c58dceae9cbe820cdf7d14bf41fd03a98f9e19cfc5a96327d0c13db2777390
74f8bb668af45bc33e9009c79f96d20f72b101b6aa2e54367ca1d57fee38376a
75046723690e555b59fc656ce2b75707fb2e249e7d9446d007210cbec429007c
77c74fb119355006d8dc9fb11a66fb12167d25743f29ed19697bfb4703f6e00e
78ac6beb4da15e1e9f06a07eeb39f8f7ea755cd4c3e5958fddb4aa14fc72e123
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7a05b3c7a80fdddae80709d3629d1b68eb1e2b7f179cdb1d6f18d64c4bb019c3
7a1d9a7fdb9f6de569ac49bbaafa22ad4dbd395d58bd166ea1b3689113de7f0b
7b1c7f8e22a158eaf4528dc6837ddf54344b27aac55c98ba4d843b7a6cba6970
7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
7f98ff9434849daca0cadf865d4639a48d85a7ad473a30961680c7f285a885eb
7fcbf36a2bdfad4e9007f83c3f3b5d549692d6f079f1156a65fea99a57ef9af0
8048551008ffd51823ff935cfe8b20691143984aa7bc3b7d2e720af92ee54a98
80978af32a775f5c0360c985b93663e2d612a84f0df2d82782cb0971b41f4f0e
80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
814fbfc1804f477d3a12ef1a73ab55d287331f176ef7c96ea0049c4cfeb806f4
8248af8592a78954b8050a4f78d12e1680a57a0f2a8884bae9eec06116d3d8c5
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
8820f41878c49d1387ad4d4e4ee09ab48ca9abc391b5079215179571b276698e
8883a14e28c43192e52a115f6abc8f72909088d49d13752a913816614c984a31
89e257af7797e5e9f60aa21a99fac86a9c0be1b14c8909cd2c69b7c756f9936b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2d325c23e26dc0b7327635f857311164b25e3cb3aee9a1040147666b86f220
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7
8c47d2f26c45aa2edee7054b2eaea7935b3a114adc98042c8f801f4b263f1e33
8cba0effb5b2fe3741e8a4c0e81f3eec76b8d864e39d05b3c3182dcb427ce308
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7401bef80e31a1aa3a2d1daab189dfba7f02a21e7cfef216e011f0c05a74da
8d92a7e1b29f408f7bcb0d2c0a1b1006a9124b7cc185840f13fe5a87459f8ab3
8dd2b33486d15e920d6c71a134be819cb5559c83d45e0016e52f7c9f8dc718e1
8de1758d33f2f42d6812a8c146fd5c785b12e4d071ecab06b9b05848072bb850
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
903f83eda0232beac5bcea17d7072f288e81dbc9839eeab1ec432e2b74e42e44
90cf17d96e39c02d4a40d61a6bee63a980fcdab9af5b1b22d41aa9267263cab9
913fae55662b6256d4a561fc2e1e3f0b414a4fe0bd74c10b1d5aefdd06e90226
916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc
917e3b0ca98580fb4957573da5d4ba2759d8561bb1441e7769a7d34f68a07e73
923c7bc114115535d3859aa2a1ab45e35c6a674d7b221d6cb3b3520f6550d053
9324517cb9a358ecd244cc867152c2d14dc4b71bf0d4c84234532b87dc8234a2
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe
94adaa642ceca22b6b18bf5ee73a15b65057040a140f892f9034012cffad5048
95d722457b6b19c9b2248849d162602edaf41b594c82e44e6f6a316ba4d3d294
96051d7b87fad520c1a70ad7180314578b397f49ed6c7fa13bb855a62a828c8a
961cb61d6a9bbaa0ef6485fcd8bb7b8dc500ab65e287cb3e98fff3ff75e48454
9639244213f83b30ccdc150e7b592be27b96d2d5eb06ce4753ad449ee4845a2c
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
982d34951038f20a2cfd09cb3fb85a55ccecd7016b73a10f5bac83cdc5d55fee
98344eec8842ef328890a29cd19a5d3b308eb9db3906b47e8146e5231d4a2eb0
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9847d43764d602ee2142f8cef1865c18f839e8f8048056c65fe5fff7bb686ee3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9a877726a7ea75d3ff46da702d8e1efbf615f7af09763ac702b2fe96f3e6f998
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa215398a9a040f49cf7447017c04d7189770f88338cc67849c5d3f86e6b4b8
9b6a26723013a685c4499ae4691675b2e4b2d8616e8497305902973b5722957b
9ba17dbb71ef465749fe2f25f7355c748b02004c2edc4aff67b4bee42a7acfd3
9c6b571c533cbbdd92050d83e034f87749357af65d54f02fab1336ae5f2bb2ee
9c9ac6a6240e80e9c27305fbf104935e6276c8cad2ef9081377735cfea02ae47
9cda094b418f993e9af91feb07b3b5c09c5244cb83acd6d34d9217a8f689e9f1
9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5
9fe944818c4cd78e2be08784d5c2b86e18ac1a037cb84b17587de9c21987bfef
9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8
a0188b6a639e9dbb37223ad5a3b2fc37507e64098cfc87c86cfc9dd3e3e0e2a4
a03d2ecca41279eeac9eb9cbffc4dc85c7d65e649ebc4c11a0bc5180eb5d3842
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3226ebe4e39bc1ddcc45093d268ce2fb898cd9d27ed7e75100a97602229169a
a3c33c7b5803c16252a349b24b1e736c922b0cbe23196c0016428847d7901b25
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a450482032fc327ab80a62e5c115bea3f6d2129b9066ffeec9eb3c98b55039bc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51d30b532fd6d11b67754b83e3af505df5fdc961fbbbe801afaa86e93841bab
a5e707ebeb7fe50531dcd4341ed8d5d75ff393ed7144e8d51ba7a1fe88594329
a5fa96c29827a86b627551aaf210608e27a313458a76333b51b38db32b4ae648
a656137c96d7c5550298220b3583603d6342a582bb53251bdcc52dace3716d4b
a6b771e9d8e68cfa8ef0d0bc8e3cbe90ed3e4cb2767155953383360caae1b4ac
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a752ad4a6219ea21dec555f682ff9e49ed22c8c4c4e2d992312b13c8cebcec31
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb
a8cf69a63ad301f48215e497d0c01c6b59db2a7da64d278045b12f3b49a84a99
a953f09a1b6b6725b81956e9ad0b1eb49e3ad40004c04307ef8af6246a054116
aa68690e91a4fd57e531b973bf7d5b4fe294a924b260dc424b0ecfd964d7214a
aaad17d860310d83cdb8c7cfc336143de3f08ea3c34ced5d880bd6c666247ebc
aacd834b5cdc64a329e27649143406dd068306542988dfc250d6184745894849
ac000442cc6bd9e354598b83b56015c4162a8f3ad5450278b0abf77d85904958
ac35bf76512423e822153fb80ba9f117bbba3833364bffe51c6e0a9144b75fe5
af1f381103707015c1efb1924b9104a024a2a78c7c9e8a94f374764d19e6529e
af4d80a8089645c37cfb87c14ac2102a7d0a05646953be0b7f5fb7c13361a184
b100aa9fcecae6f2c48ac34d8d06dafbd1a7bcbb3c270e83d592dad6eea8f26e
b12249dec66346ab54bdf84a52f319b4232f4bec860f2af1f4cbec627b55424d
b1267dcc220bd472ae19df58959d2c036e2dec2bce1263e1b6ba201034b9e331
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b34ca567f7a2c8fec55ea128d4ad8d19b834390053555cfe5d41945204c2cb77
b49264f234d7237e59604a5238e76d79a3dbbda3fd7c2678faa34e2e35a74a9c
b4ab65cef5372eca17c0289cd9a2fa4404ae54d4847dcccb3f1bd0d0a292e28d
b565eac7d1d4b1e44b4c8f24a8ddd2fca85977e432eb0cbd76c4d3160080a89f
b5b1f8c0ce1ab29cca4050e19cdb04030d00671931d88126bc8f9c4ebb492aa9
b5c38989ba7e43503bb4fc3d070653f93347a2eb6d84b8cc0ef09c79b8ebb861
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
b5fae5af4f5970094cc33b7f9e835218efb988926e77acc342bf5fb6062f7251
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
b715761e92524c9442ef612af378e2fdf19167f92492568f4961260e9f377a0a
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b7d5093eb11205e1b6a2329321c14b3c617b9c78b6bc473b7f90362a91ff5015
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783
b9c5ebe7087c79a1238f4bc4570ed938ba6daf343abd24fd886d8976e1ef05c0
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
bb09854c2602eeb51cf87dd84b2dd665647fd37fcfe271cad34c8bb1b3b035a3
bb33c676767ae63aa8bf20827c88ea4eeffd617f1bbb46ab2285803862f76572
bb731be92c4bfe2360141c42a987ee49e2191ed75e2efff0dcc42e1882d6da7b
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
bc546538134467f1fe17c8e585441fe3dc8c046b5d96be7958771746cbd90d63
be3b48dbe04f652fba8973decb94e84bf9e06fd3b0d0beddfe8859d11ccd7576
be3ec5f1725890958c7ef75833b5fcaf41aa692812557006dec25f664b77ce33
be735dbbce112db814813ebefa31710c76e242cce684d3daf6a9598bcac039f7
bf86e918e148f2dac51be2ff472dfd9181096690f868fc3883ace839ea916ee8
bfdab520d03250a1006897b2d2d8c479761d70a2e1201395820850db1b4ffdf9
c01c98dc32c9889b4120afd376d61fe7a172b6cb323b48011b71572a4d97ff8a
c12831f9e496736b05c74491ab84a9a20e7a88af99196f838a81455a8dc9e960
c1f69213528405947dfb640431c28fffb1e6228406adae7097077c0760d52a21
c20f4e658ca4e7fae8204a198a8c770d19b8eb3e13cca4ddab9769f108173f88
c3325fba4bc0b8a61018adb2d0bb0fa89a1ab92e7fb8459bc16d39209b82ad7f
c34906f621bed08d975d42900c107ad05e7633d06ecb202739f5a9a99af910f1
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c647ccf80aaf1e7e79efb05944ba010eccdbdd6bb95f5e0c6101fad803fa8fe2
c65dc23c9b6d7bdf0633746c5c48ab5fab0074c5087cfb6f2a814a426fd62273
c6f0dd8206df9adfe84428c4f85f678b1a01270a8359bbeef265f69bd94560a4
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c740d8dd4494a96507134e544fb09e2d7e7812ded83f4978c7e5878188414647
c888181a33972580a293f93de0dc3ca3f95628d604f76e58b8e3dc5987a3714c
c8be74ac4dc355f0a46acec8e7ab86091eca59c2eaac5d21a0b403bd6241291e
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
c9996338cf56895fe00f9ce9bd9733fbc484e636442a6c6917ee959cad2bcf85
c9a201eaae3eb82354828a587748363df6047f6d71be7ac22fc7194f9c421662
c9ef226218315b5804f91c7ae1b34352194e14f1dac157c814325d179dbcc25d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb81625c17c0a4b26619b3a2ccbbf24db5b463db756bb015f149c89a7909b148
cb8645e0bd04e1ff25faa1c0e956ad2f12f35d752d55ba2ae97cee37d37e2836
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc63a7c25d2001fdcf43eaaf8ef8e5ad36849d00f286111f60b9b21b6f77ddd3
cc8995800462e967657ce7a6d242f5226c5e0bdb2ca9e9947f238078b7566bce
cd1804a655274f2d41aaa315e3fac8c09135cd1f2f8e75ba2b00bebe9bcad575
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
cdbb929d9ca1e2ce7b2b4227a6e752b820a215a1e4a7e6bc56f943887210e2d7
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf487f0a51b3f46d2b7dc753ce7141f2cecf3e50e0df3bdf0b23fc24e7e8e17e
cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f
cfef45803dc66cb82642977c78b48f4f53b9d03a7bb0c0ed3c91f1f17fada608
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d14a92927736ceba28302c4a9912a202758709026fa4b609183b224c254fce6a
d1c1b72b84888109ab498bff1b1e7f6869f21c420e4b72e719e4b3521ee1fc22
d21e4d902582eb3f4d9b5c49ea349a2d240f2075fc3853ce912590e7a990b8a8
d27b6d403bf1ecd3fbc68a5f1e512b619ab84792d927dd6d1c43669873613825
d2c0261cc4b11c2425f732c951d1ebf03322879eb365718e6157e042370e45d6
d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148
d3674fcd1c65192a32ebf67cc37b9aa3dbd5a83b1f67b590c7e2d08d30eae1d4
d4852e0c1e28302c1d482a7afe0c0cd2caf3207aa83bb34cdfa182dd2e6386ae
d5b5fab3b788b3161871e2509cbaaa55f9b73fae0aae0459211269320f11ab5a
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d797459929dca4c879a9061464a074266cd7a9f343612b318d4754596932b5e1
d7a3d2da4fb30cf35a5a21885bbfa168d153082d26b3353a507ef9a2e15dc173
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7db787732cb32ca342e858cf3036bf0bb0ae0f68fee5be8e2f19a7a3bfdecb0
d7eb3effef6340a2d1b6320cb06e0fda1554de14bcf1e2c061df468f6f05f174
d94aa4db4075a7603c7b43751041c425d48d0d0ece8b3c71f2994a5a8506bdb6
d97edfe6552e3143d0007b5e8103f3b39a3dd32898a97c20cb7337978feaf83f
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dace3c80f41ab245b0c1ed8ee192cfda1cc764a4a15e83c28bdbae529b1d1ee3
db211fa93979748adaf10d35425e227f18f1555feb1561b244d630014d8cebb1
db4243fcb42af79e27f42ebeb09f99e3ef5b4e0ea12f99cbd10d29e28e6966fd
dbe0459d389f72356710d03e95a19ec9c7567d997669663c14cf59a218932865
dc8d4219659e440c995fd466d5e09ff8b5ad53215a6d3fe1bae78b13cca8969b
de08ce53e0428ac94c581228d1f8cff8b8a311693af041c4491466562eaabca1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de449772271eceedac2a492a41a7bf860b29402fadeb390e034ad2ed0b654b21
de4725cc1de7a73311f5c3cae1a2bd989f59f404fc53f8b216b8c5efe1b93bea
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
deaa8c25f96a0b2b3f348a5f55da84b402621e4a4be31baeb56ba3de133c99d6
df0e9d18862f0197fc60b1e7fc79d8eb9d7af159d83566444beafd27a494d8e6
df356f8aa91e7f14dc79f22056218dddc3b711545e6d5d2d1e72eaa17b052f1f
dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817
e0a652a1bd36b70149fa3c6fdb4bd8641593273e261f2c43ae5e5309fa98bd56
e1525da0eb146a3c688ebfdb6c6e70e0488f8e39fbc4c61a7fbd62c906dd0747
e2d9bd9f5ffc43461e3a39c12001ed9c90664a090e83eb7985434dd93c283e21
e3284683e2501316168c3a9277ffdbb723b03978c2d0f5de0c20f69831e7dbe1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cc5737fee1d0eb209474fc463a0b9c30a31442e49849a107cac9ec383200b4
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e5b2a4cf0d56caf2af3be5124f9c5985ae3b4ab1f0af7e60ec674e927d25a456
e5b77e18f570c03a69866a02eb1e7281e5ef072043fe6afd68abba126920919a
e5cd7b3a4c5496d4c699526a6882f4a609682c49ffe34462ac9be3304b97bb62
e67c7005f97f0b57b13f0725ab31c7b0c27aff3753701b6e8fd7631e163e5209
e890adc3d6afeb89eac22b54de7cd2796e99dc6a36b74371a6736d423e39fa33
e9a50c3fbd67964dcbfc166909d19e96f25f32c40ad50d656899f2aa381973b0
ea7d1fa2179a86727124a927345531fd0d658c71891b493cbb96504b8dffa70e
eabbf8979725c08a7ea1fa4e9593c90f2262bc7abff885a43c2fc3b7f9fbf9a1
eb1b3ae9c432c1118b34c118066c8483924a212175762f5c0dbc89edd70df10f
eb4ae3f9797114dc5c7057650a0c8e6832099263c3f5b227b10d53748d6f849c
ebbeb494fed0fa1b7d0dde21fb7cdf6ee58cb6e27d71296ca50be940f3cc4b70
ec2e1296380c1680aef32b3123b5d26e3a343b94e14fda81520920cecc93cee4
eca965f18f3bf501516fd5bdd7343363c6c8d002531d573a7461ad3281a27aa8
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ee02e8a1152b104e2b5eeba69154b873ad70a9422be49e4e4909ab016c9257df
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee2eb05a42f913e9d0b507359bf249acc024088eae85e30976cca0169a557cd2
ee4b4e078105ba1eda7657eb89a1dedab2118f7485e44364940501be87cf689c
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eed7ceea33ee3b5f6159f6513e4ffd02bf00ab1acfa88ed898195249cb61bf76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb04487a11f842cf3a348da95a4d026c1a02eae90b6b66b365545c35e8376ed
f0042d9582d7e35a76a80cea3f94a97c2f35e87b4526b1adc994daf7c708094d
f0bcabc362262d1e092b9eccf8d9a17beb41f3fe20142b788709c5bede7764e5
f141f5c8d8a386596dafb30751b91df4faa740d176e3fc1ef6db66edda40d98b
f1f48adf50ca985b6bde8b82bd9c567c313b38267ff0f16b7b7d6e61c9fe9644
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f2fd074267712dd99f55c596251444b59220f543d600bf42c5b72038e021bdb3
f3c22c1a15f4967911575778098fcd4b36055b8f04214df80b6d72949de9af91
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f3f01368cb693202ac37927a7c80ea4df5d065b0e3d5509b94f51bac66936adc
f4a852bdf0dfa921e7144308a4c48b1aed1695389eb76bdd71d4a48799441052
f5715ad91ced999c2e3dd435a913df65643ca129cfd0f82122f38cbbb8a8d112
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7a939d43320bc1e8606404dfb97b3ac8cd6c32bb3f821d47112c36f343f3109
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77
f9a3c8c5712cba189115d7a63fbd487719a42ab0d628dc63b0cd506cf1914e97
f9b29e7257cfb5e783e10b78557c63f08b5fe7766a6dcb327d759d4fc91904ab
fa704a28cf00f11bdf9ac25e9b7acb1b77aa22fa1616b9a85d2a5413f3e64f6e
fa7f3e34aeffa172cebd8a89c53a94f3fb5804b9c6b2ddeccdfc14e95d163ffb
fb66d50466654410ed1aba9e24bb40f3e64594968136cfc472c1afd1eb180dba
fbd1edd661c3eeeae3650b9b6511e253dfe96ea8b4d016407025d439d40def1a
fd29c36a724eb1f14fc760ca939c4c70df6b3923e620a3e6c57125b964bf7880
fe55f6306326e8e0ae4495684d8d742eeb3565d40bc0c9d95e0c6f557a65e64c
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2