www.expressodopovo.com.br Open in urlscan Pro
165.227.252.94 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://expressodopovo.com.br/
Effective URL:
http://www.expressodopovo.com.br/
Submission Tags: krdtest
Submission: On May 11 via api (May 11th 2021, 8:25:35 pm UTC) from JP

Summary HTTP 102 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 102 HTTP transactions. The main IP is 165.227.252.94, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.expressodopovo.com.br.

This is the only time www.expressodopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.114.119.26 167.114.119.26	16276 (OVH) (OVH)
2	165.227.252.94 165.227.252.94	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
66	2606:4700:20:... 2606:4700:20::681a:160	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
102	17

1 167.114.119.26 (Montreal, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: acesso.servidorsaturno.com.br

expressodopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 165.227.252.94 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.expressodopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 2606:4700:20::681a:160 (United States)

ASN13335 (CLOUDFLARENET, US)

pbr-def.srvsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbr-str.srvsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	srvsite.com pbr-def.srvsite.com pbr-str.srvsite.com	2 MB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	204 KB
7	facebook.com www.facebook.com	157 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	68 KB
3	ytimg.com i1.ytimg.com	29 KB
3	expressodopovo.com.br 1 redirects expressodopovo.com.br www.expressodopovo.com.br	14 KB
2	fbcdn.net scontent-frx5-1.xx.fbcdn.net scontent-frt3-2.xx.fbcdn.net	35 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
2	gstatic.com fonts.gstatic.com	29 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	165 B
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	415 B
102	13

	Domain	Requested by
34	pbr-str.srvsite.com	www.expressodopovo.com.br pbr-def.srvsite.com
32	pbr-def.srvsite.com	www.expressodopovo.com.br pbr-def.srvsite.com
7	www.facebook.com	www.expressodopovo.com.br www.facebook.com
6	pagead2.googlesyndication.com	www.expressodopovo.com.br pagead2.googlesyndication.com tpc.googlesyndication.com
4	fonts.googleapis.com	www.expressodopovo.com.br
3	i1.ytimg.com	www.expressodopovo.com.br
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ajax.googleapis.com	www.expressodopovo.com.br
2	www.expressodopovo.com.br	www.expressodopovo.com.br
1	scontent-frt3-2.xx.fbcdn.net	www.facebook.com
1	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	expressodopovo.com.br	1 redirects
102	18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
www.youtube.com
instagram.com
g1.globo.com
hostmelodia.com.br

Subject Issuer	Validity	Valid
www.expressodopovo.com.br R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-18` - `2021-07-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://www.expressodopovo.com.br/
Frame ID: 1105F5C46C725AE2149EEF5DF36CE0CD
Requests: 89 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
Frame ID: 5771C0199CE1D2F02471F8841D3CF62B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html
Frame ID: 02578A435178D4AD0F20A2898FBFA729
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2140207384726849&output=html&adk=1812271804&adf=3025194257&lmt=1620764712&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.expressodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1620764712822&bpp=4&bdt=282&idt=70&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6059734170283&frm=20&pv=2&ga_vid=1530278960.1620764713&ga_sid=1620764713&ga_hid=1600101053&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956&oid=3&pvsid=3996324760791146&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=123
Frame ID: E06B13E77D9A92DE4C3C4C7D8C47BC4C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 9CF40957671955F1FECB15AA61038B1F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://expressodopovo.com.br/ HTTP 301
https://www.expressodopovo.com.br/ Page URL
http://www.expressodopovo.com.br/ Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

102
Requests

98 %
HTTPS

83 %
IPv6

13
Domains

18
Subdomains

17
IPs

3
Countries

3033 kB
Transfer

4401 kB
Size

2
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Expresso-do-Povo-100918045302600

Search URL Search Domain Scan URL

URL: http://www.twitter.com/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCaYorBfF0VKNwqmoWiGsBAg

Search URL Search Domain Scan URL

URL: https://instagram.com/expressodopovo?igshid=1206tiwi2r50d

Search URL Search Domain Scan URL

URL: https://g1.globo.com/rs/rio-grande-do-sul/noticia/2021/05/11/margs-reabre-com-duas-exposicoes-ineditas-em-porto-alegre.ghtml
Title:

Search URL Search Domain Scan URL

URL: https://g1.globo.com/sp/sao-jose-do-rio-preto-aracatuba/noticia/2021/05/11/policia-encontra-tijolos-de-maconha-em-bagagem-de-passageiro-de-onibus-em-rodovia-de-penapolis.ghtml
Title:

Search URL Search Domain Scan URL

URL: https://g1.globo.com/al/alagoas/noticia/2021/05/11/mutirao-auxilia-na-mudanca-de-nome-e-genero-em-documentos-de-pessoas-trans-em-maceio.ghtml
Title:

Search URL Search Domain Scan URL

URL: https://g1.globo.com/pe/pernambuco/noticia/2021/05/11/mulher-e-assassinada-a-tiros-em-via-publica-de-jaboatao-dos-guararapes.ghtml
Title:

Search URL Search Domain Scan URL

URL: https://g1.globo.com/mg/minas-gerais/noticia/2021/05/11/oportunidade-mg-tem-varios-concursos-abertos-com-5170-vagas-e-salarios-de-ate-r-95-mil.ghtml
Title:

Search URL Search Domain Scan URL

URL: https://g1.globo.com/ms/mato-grosso-do-sul/especial-publicitario/sertao/sertao-pra-toda-obra/noticia/2021/05/11/suando-para-cortar-madeira.ghtml
Title:

Search URL Search Domain Scan URL

URL: https://g1.globo.com/es/espirito-santo/noticia/2021/05/11/idoso-morto-por-covid-19-e-sepultado-em-cova-alagada-no-es.ghtml
Title:

Search URL Search Domain Scan URL

URL: https://g1.globo.com/mg/centro-oeste/noticia/2021/05/11/inscricoes-estao-abertas-para-6a-edicao-da-mostra-de-cenas-curtas-de-teatro-e-danca-em-para-de-minas.ghtml
Title:

Search URL Search Domain Scan URL

URL: https://g1.globo.com/mt/mato-grosso/noticia/2021/05/11/suspeito-de-assalto-a-bancos-e-morto-em-confronto-com-a-policia-em-mt.ghtml
Title:

Search URL Search Domain Scan URL

URL: https://hostmelodia.com.br/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://expressodopovo.com.br/ HTTP 301
https://www.expressodopovo.com.br/ Page URL
http://www.expressodopovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://expressodopovo.com.br/ HTTP 301
https://www.expressodopovo.com.br/

Request Chain 43

http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false HTTP 307
https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false

102 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set / Show response
www.expressodopovo.com.br/
Redirect Chain

https://expressodopovo.com.br/
https://www.expressodopovo.com.br/

34 KB
7 KB

809ms
567ms

Document
text/html

165.227.252.94
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expressodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.252.94 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash: 01a5043e72cb1396762018f864155e23d9a75e37de811a63cb6669404241f65a

Request headers

Host: www.expressodopovo.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 11 May 2021 20:25:11 GMT
Server: Apache/2.4.46 (Ubuntu)
Set-Cookie: PHPSESSID=r7mf06et3m1n76guns73pocali; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 6811
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1

Redirect headers

server: nginx
date: Tue, 11 May 2021 20:25:10 GMT
content-type: text/html; charset=iso-8859-1
content-length: 242
location: https://www.expressodopovo.com.br/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron

GET
H2 200 css
fonts.googleapis.com/ 4 KB
727 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 11 May 2021 20:06:27 GMT
server: ESF
date: Tue, 11 May 2021 20:25:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 May 2021 20:25:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
501 B 23ms
21ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis

Requested by

Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33205051f6e37b9dc8139fbcfc22640e42adee6c5e26964f33850cb61c28a3f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 11 May 2021 19:18:50 GMT
server: ESF
date: Tue, 11 May 2021 20:25:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 May 2021 20:25:11 GMT

GET
H2 200 estilo.php
pbr-def.srvsite.com/template/noticias/css/ 31 KB
5 KB 169ms
141ms Stylesheet
text/css 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/css/estilo.php?tipo=8546&token=4f24152912f06334e88cb87b453900b8
Requested by: Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcb969ed193b134167917e74f7b93f42fe0b0346aa7aa4959e10967d03c42975

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DDQrVTwOirwEalfapc9stFfH3EK3KnV1wKUXlUyhDTRYYB%2BWrI2erp6qM6z7LPe60dq%2FWrtUuC5ybjqmMBggq0T80%2BPCTXe6MtOlUyBtpZ6QSr6tBXEYgn%2BbUOACBGVp"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=ISO-8859-1
access-control-allow-origin: *
cf-ray: 64de22981fafd709-FRA
cf-request-id: 09feb3f3130000d709e2204000000001

GET
H2 200 flexslider.css
pbr-def.srvsite.com/template/noticias/css/ 7 KB
2 KB 58ms
30ms Stylesheet
text/css 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/css/flexslider.css
Requested by: Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cedd7e3ecef2cd050c2e053e3e60cfafbf904acdeba7925bc87f6f4dfcdf80f0

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7136
cf-request-id: 09feb3f3130000d7091b9bc000000001
last-modified: Wed, 25 Oct 2017 19:29:32 GMT
server: cloudflare
etag: W/"1acf-55c641330bf00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uWyBon2B5BYNNqJ%2BeaEtLxC84xT6HECN0lsmiI1XuBzXCnw8x0zopzMYRcbGWn5on33ymNwR5RZnE2MbxjxDQOW8uZyPDzB75Dq%2Fi71DaqfcuPdFa%2BQY9v9kupcEdId%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 64de22981fb4d709-FRA

GET
H2 200 responsiveslides.css
pbr-def.srvsite.com/template/noticias/responsiveslides/ 490 B
749 B 46ms
18ms Stylesheet
text/css 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/responsiveslides/responsiveslides.css
Requested by: Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7136
cf-request-id: 09feb3f3140000d709ff97a000000001
last-modified: Mon, 18 Jun 2018 19:07:29 GMT
server: cloudflare
etag: W/"1ea-56eef46e1de40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DDIpU6zRq1%2F9kUzY4mimfyD9r%2BWW028ba2QtfdZnat3A4JMov0jJBL2%2FUDKd%2FDV4daDubMODv5bDi7J%2FUm%2BLPKvjJ2rx9QUIK5rn%2BZCmKq0KuC3ioVWUvAdTlcuYHMjp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 64de22981fb7d709-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 13:48:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23777
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 May 2022 13:48:54 GMT

GET
H2 200 funcoes.php Show response
pbr-def.srvsite.com/template/noticias/js/ 3 KB
2 KB 156ms
129ms Script
application/javascript 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/js/funcoes.php?tipo=8546&token=4f24152912f06334e88cb87b453900b8
Requested by: Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d3ab3c83c72b3220bfe179f795d6c87e2d87756577c5a7d51fdd99e89206944

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=brrz2h3Luc8DLZ%2B%2BgI2imZicYLSGjyNw6D8nBit%2BvTrpVR2b%2B%2BC1JdKWPhn4meliSmFM2nH9gazRK0VQ%2FFQPc6gpC8LenE6f52zEDXKPKDN0j6VEGImb2egwpjsKr5dL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 64de22981fbcd709-FRA
cf-request-id: 09feb3f3140000d709de1bd000000001

GET
H2 200 cabecalho-8546-20210107102026.png
pbr-str.srvsite.com/arquivos/8546/ 84 KB
85 KB 188ms
178ms Image
image/png 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/cabecalho-8546-20210107102026.png
Requested by: Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 07 Jan 2021 13:20:27 GMT
server: cloudflare
etag: "15037-5b84f4d946993"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MqNdPl4X7TfwK%2F%2FOZlZr4mItGWM6oM1LYv0IVX7SDk9GjuXbI8dc5b%2F3HK0RsKD39%2BhJZ%2B5zPJ02hJoDvhjUmLPljzzq5GaiIOKYON%2BMm7ZlDLQrUI1y0nKjJKLTTrFQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1800
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 64de22992a1cd709-FRA
content-length: 86071
cf-request-id: 09feb3f3bd0000d709c8037000000001

GET
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49908
x-xss-protection: 0
server: cafe
etag: 13815580874420029976
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 May 2021 20:25:11 GMT

GET
H2 200 ico-visitas.png
pbr-def.srvsite.com/img/ 1 KB
2 KB 19ms
19ms Image
image/png 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/img/ico-visitas.png
Requested by: Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2502
content-length: 1223
cf-request-id: 09feb3f3f50000d7093aa66000000001
last-modified: Mon, 21 Oct 2019 19:40:15 GMT
server: cloudflare
etag: "4c7-59570da4e65c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uk6Ua%2BzIpUfgyKdb5oAkXIONYcQ9LgwswvvD3s8Z8xxzhQ8McxQSuot8tOM%2FC5DmjX3hA2gg48U%2FDOXUhds%2BlQ%2Fqb2PJ8ZQF%2BpOJ%2FUgrdXv%2FM8ZI5cA2bJTeewCLUzgk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22998abdd709-FRA

GET
H2 200 ico-usuarios-online.png
pbr-def.srvsite.com/img/ 2 KB
2 KB 17ms
17ms Image
image/png 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/img/ico-usuarios-online.png
Requested by: Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1690
content-length: 2077
cf-request-id: 09feb3f40a0000d709fbb03000000001
last-modified: Mon, 21 Oct 2019 19:40:14 GMT
server: cloudflare
etag: "81d-59570da3f2380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QYl5%2FQud0PwA%2Bt2x0cYpflS%2FcnCkmK4DYgWLdP5%2BFhwUGY6GckxZcRCtSffB0h7Jch344QprZVK3qWazNda%2Fx8BBaOKbpjz2MgdIX6OmGPkaOQDE%2FPMoKWReZsAKeMBE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de2299ab02d709-FRA

GET
H2 200 rodape-357-20161129132848.jpg
pbr-str.srvsite.com/arquivos/revenda/357/ 29 KB
29 KB 197ms
197ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/revenda/357/rodape-357-20161129132848.jpg
Requested by: Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 29455
cf-request-id: 09feb3f4230000d7093aa6c000000001
last-modified: Tue, 29 Nov 2016 16:28:48 GMT
server: cloudflare
etag: "730f-542731534b000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4CfVbSRwvFAeghbb4vSt4cbAivxPPXqHIKI4XIcMizF296LoiTRDcY%2FGahFXo7Nq%2F3lG0LPGPrEW%2B6E3M2tPR0zkX%2FvMSrTGneQyFBh2f9d0oqQ6Yn0w%2By3gnoKDv8dB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de2299cb67d709-FRA
cf-bgj: h2pri

GET
H2 200 jquery-1.7.2.min.js
pbr-def.srvsite.com/template/noticias/js/ 93 KB
32 KB 23ms
23ms Script
application/javascript 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/js/jquery-1.7.2.min.js
Requested by: Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7135
cf-request-id: 09feb3f3950000d709e0af3000000001
last-modified: Mon, 21 Oct 2019 19:41:48 GMT
server: cloudflare
etag: W/"1727b-59570dfd97700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xl4lbPVTzDmB5ANRlajlmQfEhrQGQDTkM52lLPuCeW0UM7lMB4h3g8tpIfeF3ZHl%2FRNk433kuNoJj6UA6hswqOhVXQR2Kb9UWbzDEoXLbfaaekL2q6ap951n%2BnZVJSwj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 64de2298e9a2d709-FRA

GET
H2 200 responsiveslides.min.js
pbr-def.srvsite.com/template/noticias/responsiveslides/ 3 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/responsiveslides/responsiveslides.min.js
Requested by: Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7135
cf-request-id: 09feb3f3a40000d709ff989000000001
last-modified: Mon, 18 Jun 2018 19:07:30 GMT
server: cloudflare
etag: W/"d44-56eef46f12080-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0pNxV2ogR8lCmCQigjqeQ5qgBigSFdZTlBvPCpRRVv%2FRathBE94XmVwiRRwcasmDn%2FFU0BXPBRbP%2BuinXQy0zv4RdumsRMfvpAPYXssFk6IWCOADHMgTr35oPVptR6zr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 64de229909d5d709-FRA

GET
H2 200 jquery.flexslider.js
pbr-def.srvsite.com/template/noticias/js/ 54 KB
12 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/js/jquery.flexslider.js
Requested by: Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7135
cf-request-id: 09feb3f3b50000d70926a58000000001
last-modified: Wed, 25 Oct 2017 19:29:36 GMT
server: cloudflare
etag: W/"d6ab-55c64136dc800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cxfCgsk%2Bd9kzdjtCIWX%2Bgw9Gt13FYF%2FUM%2FJ3qEXe0arMRTuPiFAdoZJtwgW898zwxyCTblz4qk%2BsJJiDSKbBI7RzzAFKltBkjU7pZL%2B6ypWnGuqXv1jlvdXUreu5pEb%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 64de229929fad709-FRA

GET
H2 200 font-awesome.css
pbr-def.srvsite.com/template/noticias/font/awesome/ 36 KB
7 KB 30ms
28ms Stylesheet
text/css 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/font/awesome/font-awesome.css
Requested by: Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7af0a3c8dff6ac422f4ef2274045a749085d566eb0ad957f326ab270b3098c03

Request headers

Referer: https://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7136
cf-request-id: 09feb3f31a0000d70936090000000001
last-modified: Thu, 21 Jun 2018 17:40:59 GMT
server: cloudflare
etag: W/"917e-56f2a6b0ee0c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SV%2Fi1Akx4wvy%2B3n2pRE2lMBpmjNgLibQ01QQZrZe3C0%2FdKMDz9cQwN5TSWA%2FXKwZMReDlQDfyQfk4ScQy7XXfZRqKBHu0ejgX8dwPc8rQhQrBg5%2Bs7xiwnp2aInQPf1T"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 64de22981fb9d709-FRA

GET
H/1.1 200
OK Primary Request / Show response
www.expressodopovo.com.br/ 34 KB
7 KB 667ms
652ms Document
text/html 165.227.252.94
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://www.expressodopovo.com.br/
Requested by: Host: www.expressodopovo.com.br
URL: https://www.expressodopovo.com.br/
Protocol: HTTP/1.1
Server: 165.227.252.94 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash: 8ebca2e343cf7e710efd1fb79e22dbcd9b4c86fb39b78eda216d1fb7fcc72f5c

Request headers

Host: www.expressodopovo.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: PHPSESSID=r7mf06et3m1n76guns73pocali
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 11 May 2021 20:25:11 GMT
Server: Apache/2.4.46 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 6803
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=ISO-8859-1

GET
H2 200 css
fonts.googleapis.com/ 4 KB
727 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 11 May 2021 19:45:52 GMT
server: ESF
date: Tue, 11 May 2021 20:25:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 May 2021 20:25:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
501 B 23ms
21ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis

Requested by

Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33205051f6e37b9dc8139fbcfc22640e42adee6c5e26964f33850cb61c28a3f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 11 May 2021 19:43:09 GMT
server: ESF
date: Tue, 11 May 2021 20:25:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 May 2021 20:25:12 GMT

GET
H2 200 estilo.php
pbr-def.srvsite.com/template/noticias/css/ 31 KB
5 KB 120ms
118ms Stylesheet
text/css 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/css/estilo.php?tipo=8546&token=4f24152912f06334e88cb87b453900b8
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcb969ed193b134167917e74f7b93f42fe0b0346aa7aa4959e10967d03c42975

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b%2F8pzrzRkIKI%2F2%2FTbl3xY1b1r%2BgUqEXJcDLELS6Uq3LfMtYJzhzGkTgqGO8JuXTluQ30ZKsoIFm754OpuEqmzkzNQWPu2edIZ%2BWD6M2bHOAHvRGBAc%2B%2FvtITDAHQwtXg"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=ISO-8859-1
access-control-allow-origin: *
cf-ray: 64de229d6ae3d709-FRA
cf-request-id: 09feb3f6630000d709e0b2a000000001

GET
H2 200 flexslider.css
pbr-def.srvsite.com/template/noticias/css/ 7 KB
2 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/css/flexslider.css
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cedd7e3ecef2cd050c2e053e3e60cfafbf904acdeba7925bc87f6f4dfcdf80f0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7137
cf-request-id: 09feb3f6640000d709ff9c3000000001
last-modified: Wed, 25 Oct 2017 19:29:32 GMT
server: cloudflare
etag: W/"1acf-55c641330bf00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RfPwr%2FMoBGNy8f4Ty2zW3QZtIUhcDTQe5pPpFxdR8jghLSYaM90qwR3yZhu7xQ3cx7%2FSKxGU4nD5J79xjW4m1jc25qFVfUoYnMzEUop%2BhKefnCwcTKSXZNLvG8XZGxY2"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 64de229d6ae5d709-FRA

GET
H2 200 responsiveslides.css
pbr-def.srvsite.com/template/noticias/responsiveslides/ 490 B
539 B 16ms
15ms Stylesheet
text/css 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/responsiveslides/responsiveslides.css
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7137
cf-request-id: 09feb3f6640000d709028d3000000001
last-modified: Mon, 18 Jun 2018 19:07:29 GMT
server: cloudflare
etag: W/"1ea-56eef46e1de40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nWiEgMyqeQqvcH1F7j3%2BYNeIDuapJ3MOEpXoWuMHskkqIeZItU7JLgmiCPLeM%2FJ8iO%2FAlch7FZqRLapR4kSXTcZVWWp5PtqhB39jwPVs%2F0lSkjv%2F76xb2bQIdJMMbMWD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 64de229d6ae6d709-FRA

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 11 May 2021 17:51:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 9247
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 33434
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 11 May 2022 17:51:05 GMT

GET
H2 200 funcoes.php Show response
pbr-def.srvsite.com/template/noticias/js/ 3 KB
2 KB 132ms
131ms Script
application/javascript 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/js/funcoes.php?tipo=8546&token=4f24152912f06334e88cb87b453900b8
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d3ab3c83c72b3220bfe179f795d6c87e2d87756577c5a7d51fdd99e89206944

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t4Vqz0Jd9wlVL51cE3B%2FIZo%2B9ofWJ69CNOcwVRugG1HPWEvA7q9mXgsrzYGPIgT4hWij3AXo21koX2IR05XlnXDW7WMFnfPRdQSryegoJRlDAd%2FdtJN%2Bt6fkvGGgto8P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 64de229d6ae8d709-FRA
cf-request-id: 09feb3f6640000d709360c6000000001

GET
H2 200 cabecalho-8546-20210107102026.png
pbr-str.srvsite.com/arquivos/8546/ 84 KB
84 KB 15ms
14ms Image
image/png 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/cabecalho-8546-20210107102026.png
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a5b91086e79560877ff54970caab310af98c8b4f24db75ac8e9d0c1048e949d

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
content-length: 86071
cf-request-id: 09feb3f6eb0000d70942bb4000000001
last-modified: Thu, 07 Jan 2021 13:20:27 GMT
server: cloudflare
etag: "15037-5b84f4d946993"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AZw%2F1qiTiwKGh7P4byXNCtsx%2Fxz5Buy0FwbbbThR379vdXsE%2FxwIQigvbSaTsOhxg%2BqisdJywa967%2FU0H9hnfiLpIOtROjlYY2zBFL2BQrCjdPjwHyu%2F7%2Bnj2n9nBk5o"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229e4c75d709-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0c59bd2eacde11afe8a1f60e32086839e62d5e63bc2346ae86cc4bc52bef074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49908
x-xss-protection: 0
server: cafe
etag: 13815580874420029976
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 May 2021 20:25:12 GMT

GET
H2 200 ico-visitas.png
pbr-def.srvsite.com/img/ 1 KB
2 KB 14ms
13ms Image
image/png 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/img/ico-visitas.png
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1030a730899f027cc4de4c2db3d45f48cf73a1051c815279c93c2a485a95a903

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2503
content-length: 1223
cf-request-id: 09feb3f6ec0000d7091e001000000001
last-modified: Mon, 21 Oct 2019 19:40:15 GMT
server: cloudflare
etag: "4c7-59570da4e65c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FkiAkGuaiOvJMV2WvoTTrt7OfJKxhKJlUZtR9%2BB0iZBRBYPtSxPl1%2FQQT9k39TYqPJwtZoR8Dh%2FbpA0ZboiWbBia7razx%2Fbwy4Jl0YbBb09JMi4ki0zz9Q00mpJdPduv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229e4c77d709-FRA

GET
H2 200 ico-usuarios-online.png
pbr-def.srvsite.com/img/ 2 KB
2 KB 25ms
24ms Image
image/png 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/img/ico-usuarios-online.png
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aef7be2480368067003707696724d9912728ba05ba5fd8233e9c6cc5a1a785d

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1691
content-length: 2077
cf-request-id: 09feb3f6ed0000d7092127b000000001
last-modified: Mon, 21 Oct 2019 19:40:14 GMT
server: cloudflare
etag: "81d-59570da3f2380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jqH885azvLEw8wmFMdHlrqVTcfx%2BBx3CmSb6kzbnfrriT%2BKa%2BFrMe0fD4%2Fqo2TFjShiZV%2FuJxSEd8J%2FP8PAN9%2Ff4tjWeZOxAzbrK2UUTx4tvSlkGWN7DK7Zx3vw21ur%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229e4c78d709-FRA

GET
H2 200 rodape-357-20161129132848.jpg
pbr-str.srvsite.com/arquivos/revenda/357/ 29 KB
29 KB 19ms
19ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/revenda/357/rodape-357-20161129132848.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a6e02b00dadff3552cc2958791078e4b11fe3d997eb64a0132e5239b78473f2

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
content-length: 29455
cf-request-id: 09feb3f6ec0000d709c19cd000000001
last-modified: Tue, 29 Nov 2016 16:28:48 GMT
server: cloudflare
etag: "730f-542731534b000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LJBkLOpRb8GvGaT%2FLtFwH6mxxJ7xKfwRj8bAqBffyDuvg%2Fw03w91UXFTfyEZsc2pJlA4fJ8rjsPYH1TzmYhgro2ZsQSZAgtYrB26VTuq1L1rQ8jwPNjJQhOhXDjwvNSb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229e4c79d709-FRA
cf-bgj: h2pri

GET
H2 200 jquery-1.7.2.min.js Show response
pbr-def.srvsite.com/template/noticias/js/ 93 KB
32 KB 24ms
24ms Script
application/javascript 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/js/jquery-1.7.2.min.js
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fbd2c8347ea21c3aec216324f187409683dde29021154cb7ae0ed0f115a7089

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7136
cf-request-id: 09feb3f6df0000d7092b2b4000000001
last-modified: Mon, 21 Oct 2019 19:41:48 GMT
server: cloudflare
etag: W/"1727b-59570dfd97700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G975Z8f1kvUV6jWfn8HLkgWpEgqlIykPYM0UJS685JBynsq9v3F7Yq66L8q7btE7sQSSjrcfX6mTpi3OOQub9dSoupPEXgc4NlHGPidW4hZgoV%2BSqv%2BbMUxuia4Z%2BfwO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 64de229e3c4fd709-FRA

GET
H2 200 responsiveslides.min.js Show response
pbr-def.srvsite.com/template/noticias/responsiveslides/ 3 KB
2 KB 22ms
20ms Script
application/javascript 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/responsiveslides/responsiveslides.min.js
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7136
cf-request-id: 09feb3f6ea0000d709f39e0000000001
last-modified: Mon, 18 Jun 2018 19:07:30 GMT
server: cloudflare
etag: W/"d44-56eef46f12080-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P9nAD2Qf9lcUp5iELJljQSYq8cHtc49UCSqHH7CP62ML6uzhTujbJZT%2BMi9Y1lMPv35jvY9lZ5znVOrgXrN4%2B9cn7zNvN9DhjaZF2Hlpve9igA85hZpfby3Ds6ZrxVnK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 64de229e4c69d709-FRA

GET
H2 200 jquery.flexslider.js Show response
pbr-def.srvsite.com/template/noticias/js/ 54 KB
12 KB 22ms
20ms Script
application/javascript 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/js/jquery.flexslider.js
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb70827d2642f5d077cdec125b934d00204a3a1e835acac5d90ba25b7ebea08c

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7136
cf-request-id: 09feb3f6eb0000d7093aaa6000000001
last-modified: Wed, 25 Oct 2017 19:29:36 GMT
server: cloudflare
etag: W/"d6ab-55c64136dc800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7zIPOLm37T0viTVzW7ApPGbe2KRbIpfv3AEil%2FmHnnJEpEfxAn%2BCmc5N4bMEUq0NZ%2FarYaBLJ%2BXOOBeLD9Krgfvq%2BTq2oRt1RkYOjcdbHNXR58glGa4hD5pPLEWqJD5I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 64de229e4c74d709-FRA

GET
H2 200 font-awesome.css
pbr-def.srvsite.com/template/noticias/font/awesome/ 36 KB
7 KB 16ms
15ms Stylesheet
text/css 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/font/awesome/font-awesome.css
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7af0a3c8dff6ac422f4ef2274045a749085d566eb0ad957f326ab270b3098c03

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7137
cf-request-id: 09feb3f67a0000d709f39d8000000001
last-modified: Thu, 21 Jun 2018 17:40:59 GMT
server: cloudflare
etag: W/"917e-56f2a6b0ee0c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TOQL%2FlpHB4Lx3yZhKZyFD1LSFF%2FFVtXh%2B6Qxqqpwh1wL3qXW8qzXUBhsslCHKAmwek125NsHpJGrH1IiuP1%2FIipQt%2FqA%2BVQfQAmup7lfqyDV8imXe470SoeDVOjeBUQ5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 64de229d9b23d709-FRA

GET
H2 200 back-8546-20210108120656.png
pbr-str.srvsite.com/arquivos/8546/ 22 KB
22 KB 200ms
200ms Image
image/png 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/back-8546-20210108120656.png
Requested by: Host: pbr-def.srvsite.com
URL: https://pbr-def.srvsite.com/template/noticias/css/estilo.php?tipo=8546&token=4f24152912f06334e88cb87b453900b8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10e4d664df4253195736eb70d4da133fd5da5814679fec7eef0560c2b485ba04

Request headers

Referer: https://pbr-def.srvsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Jan 2021 15:06:56 GMT
server: cloudflare
etag: "584e-5b864e8418b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EMF1FChSy8woHPruuHxelfAvijlj6iUIme3Xoj6PZeHaa0mL6LLAkge6bPExv8miFtPiwlsiob4XoLrOuuPdhifwkOQ8zw%2BBC6FcBfxnFohxwUqMAanOxz4FCLRhjXTW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1800
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 64de229e4c7bd709-FRA
content-length: 22606
cf-request-id: 09feb3f6ed0000d709453ed000000001

GET
H2 200 bg_branco.png
pbr-def.srvsite.com/img/ 981 B
1 KB 21ms
20ms Image
image/png 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/img/bg_branco.png
Requested by: Host: pbr-def.srvsite.com
URL: https://pbr-def.srvsite.com/template/noticias/css/estilo.php?tipo=8546&token=4f24152912f06334e88cb87b453900b8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dadfc2259d45cd231c80d9e69dc11991eb0753dfb4b8f8f8e89fc4f72833e76

Request headers

Referer: https://pbr-def.srvsite.com/template/noticias/css/estilo.php?tipo=8546&token=4f24152912f06334e88cb87b453900b8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4788
content-length: 981
cf-request-id: 09feb3f6f00000d7092b2b6000000001
last-modified: Mon, 21 Oct 2019 13:43:04 GMT
server: cloudflare
etag: "3d5-5956bdceb4a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pSnz0l%2BhRRzpKc1ZAOV%2FuaBqCh%2BviobHSckTXScXpTpfVpa4W5rbrdE7pUMasZt3Yfl58bM%2FMPlMTog%2BeSgDpSdJsooG1OQKZyuPvyK3RUmNffa0ZJZZIXeTO1C91EAR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229e4c80d709-FRA

GET
H2 200 not-8546-20210511102317.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 99 KB
99 KB 178ms
177ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210511102317.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29eda05ff7a2c96da0e50522250dfe135ed05f5507b3a4634116f6bf29119a41

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 101059
cf-request-id: 09feb3f6f60000d709dabcb000000001
last-modified: Tue, 11 May 2021 13:23:17 GMT
server: cloudflare
etag: "18ac3-5c20dcc132938"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SmpjCwOwL2BTCTyU6Rx5EVle1gewY%2FlMkha30RZUvMXt7y5MANcTZQTR%2BDcU1HYs7bhR8VB1uhDc5vlCBl2zjyDzkh%2BUn6K8R8OrMOwa3QxcSz%2F7Z%2BG1r67%2B9793IoV1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229e5c96d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210511100731.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 36 KB
37 KB 183ms
182ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210511100731.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0dcc1a0abf892283624a518f4810c83667e7ea12ce1af855e5b3d83c63a1e12

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 37355
cf-request-id: 09feb3f6fb0000d709edb82000000001
last-modified: Tue, 11 May 2021 13:07:31 GMT
server: cloudflare
etag: "91eb-5c20d93b35e86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oXZrmh3ypo9kQq6JI1ozkZI5NkOD3xGrUIvFLQ%2BCN7zVoAehRDa1Kg5%2BiyZXesDd5OHWV3CS9mgqxOjlJOC8gjYVEfphaVP9RJXGL%2Bpn%2Fneu5PdcmxI2Uv4%2BEljGyGg3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229e5ca0d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210511094141.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 42 KB
43 KB 215ms
207ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210511094141.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 358cdd1475c9de436a9f9ba6cf4eddbfe9a906ce49a3aec366d55e082d9f048c

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 43165
cf-request-id: 09feb3f70a0000d709d3926000000001
last-modified: Tue, 11 May 2021 12:41:41 GMT
server: cloudflare
etag: "a89d-5c20d374f809f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c7wcN6Jt3KVQqJvak%2FXAmWdXzOqjhZ00XFNQbTz4FhBxNovFRlGPUhqMFwolzbH0%2FE0dmgt%2FGHTVmGIIrwLlvOIpaTe2ERa73oSe6jjzwnqCOcas%2B%2FfkSWCIki5TGomU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229e7cd7d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210511091736.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 42 KB
43 KB 202ms
194ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210511091736.jpeg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dc171a8ec42e774761f5fdced5e54bdf89879a496ae45fd961f260289136a68

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 43429
cf-request-id: 09feb3f70a0000d7090214f000000001
last-modified: Tue, 11 May 2021 12:17:36 GMT
server: cloudflare
etag: "a9a5-5c20ce12a2699"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oPG%2BQSuRDTIVWYcsHJ2UcWhGtwO%2FdQnq7puF70UXbi9EXhvq2d43fwqXoO4AYE93WlATSJ%2FhStHsu%2FKpsFraAPwH%2B6szaLrsJpoAj7xrGb7xbucCMVU79EKJmpl5x1To"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229e7cdcd709-FRA
cf-bgj: h2pri

GET
H2 200 fontawesome-webfont.ttf
pbr-def.srvsite.com/template/noticias/font/awesome/ 162 KB
93 KB 158ms
133ms Font
application/font-sfnt 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/font/awesome/fontawesome-webfont.ttf?v=4.7.0
Requested by: Host: pbr-def.srvsite.com
URL: https://pbr-def.srvsite.com/template/noticias/font/awesome/font-awesome.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

Origin: http://www.expressodopovo.com.br
Referer: https://pbr-def.srvsite.com/template/noticias/font/awesome/font-awesome.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 25 Oct 2017 19:29:44 GMT
server: cloudflare
etag: W/"286ac-55c6413e7da00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WOT0hiXgKFONiUxJmMqsyN48CqWmsU%2F%2BP46tIEDjvSkPqRTNLaqBHlHPx4ZthPLAYFXj0C9AfbgUzvQ7wG%2FwQlCk52Fu%2FY2SP%2FOifT1K%2FBdlONm0GAQjzIZoCpa9d7n2"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: max-age=1800
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 64de229e78064a86-FRA
cf-request-id: 09feb3f70900004a866ea30000000001

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.expressodopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 66875
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 11 May 2022 01:50:37 GMT

GET
H2 200 BebasNeue-webfont.woff
pbr-def.srvsite.com/template/noticias/font/ 19 KB
19 KB 133ms
111ms Font
application/font-woff 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbr-def.srvsite.com/template/noticias/font/BebasNeue-webfont.woff
Requested by: Host: pbr-def.srvsite.com
URL: https://pbr-def.srvsite.com/template/noticias/css/estilo.php?tipo=8546&token=4f24152912f06334e88cb87b453900b8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f06d878a8a3ec306f39b23e6d3c3296bc1ef6d08a50f9891d9d65e8a232a9dd

Request headers

Origin: http://www.expressodopovo.com.br
Referer: https://pbr-def.srvsite.com/template/noticias/css/estilo.php?tipo=8546&token=4f24152912f06334e88cb87b453900b8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 25 Oct 2017 19:29:34 GMT
server: cloudflare
etag: W/"4b80-55c64134f4380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s1aCEXwX5Xjfx1XaRSkYrYb9TW2g%2BMinBEM%2BndRMX3tlqX6oT626yeRKl%2FupAG4YA2SQu6l5iicPJkod01N4GhYxfxqfmpbxQiQkkLWWbjLax6dJNO4avnhKWal8zkCc"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1800
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 64de229e780a4a86-FRA
cf-request-id: 09feb3f70900004a86228a2000000001

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.expressodopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:40:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 603874
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Wed, 04 May 2022 20:40:38 GMT

GET
H2

200

likebox.php Show response
www.facebook.com/plugins/ Frame 5771
Redirect Chain

http://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false...
https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=fals...

44 KB
14 KB

173ms
172ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false

Requested by

Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7bdecfcca2f950af44cd5765a886ee6c0faccbbe6ad0160479a388349fd4873b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.expressodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.expressodopovo.com.br/

Response headers

cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
x-xss-protection: 0
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
strict-transport-security: max-age=15552000; preload
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: ySF8jz9DhGcfYWOdsBs8Im0gbQcuNC6oancdZodUduEnzx4h/2DLQCWAlYqEbIDGsVPXlhgRSr9cUkxFfSQ9BA==
date: Tue, 11 May 2021 20:25:12 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
Non-Authoritative-Reason: HSTS

GET
H2 200 not-8546-20210506092624.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 57 KB
57 KB 188ms
182ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210506092624.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c773f7903d78d202efe61f0a47a1f1ce8f0ca406f4af121ceb112c23b257ac9

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 57998
cf-request-id: 09feb3f7340000d70942bba000000001
last-modified: Thu, 06 May 2021 12:26:24 GMT
server: cloudflare
etag: "e28e-5c1a86b6ed3dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e3saFWIdwrFGNjKmUgttlaB2tVS5gM%2FU1rAiloTN49EiMkTV0Poq%2FyYt%2FGSLYPOmADx73qFBfAensAOKpINXY3ierNhqrarUZiXvpbO4NqgTAOGdwVf%2BpOxBJGqEPzgk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ebd74d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210504142231.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 74 KB
75 KB 183ms
182ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210504142231.jpeg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee5fbd11c7c60ad0f327dc0feefcca0aaad6fecbe953076c8a455133c47686ff

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 76134
cf-request-id: 09feb3f7420000d709d03f5000000001
last-modified: Tue, 04 May 2021 17:22:31 GMT
server: cloudflare
etag: "12966-5c18452b81eee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HiBBoo1NMEW3X%2F2WF0H%2FvO0bVHb%2FlEl%2BBY0vK0%2FpgIUgIArosPoHGO1K1W4s6jxU0grMBD6Ll6Tegro4O0Haw4WebMwyib2p0ImwrAYgg3%2FNQOgKfCYpsZt59L%2F%2FE6nA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ecdb1d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210504111936.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 78 KB
79 KB 196ms
195ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210504111936.jpeg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc07537211d90c5b02891f28756377492ff99d3b06012a787906bac66067d19

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 80379
cf-request-id: 09feb3f7410000d709c19d6000000001
last-modified: Tue, 04 May 2021 14:19:36 GMT
server: cloudflare
etag: "139fb-5c181c4923573"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KO71J3LckXcVN6XAQwsl8Zjw%2BntExFOyBZWJYEjAHVD6RvrLGWTOjpI3BEa9afs4X7IQj4jkBY1LSyRSET5OJ9o2MJo%2BXwCmIBhgv2FUC%2FqAX%2BmBQ3fLkhEyUzcz44r7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ecdadd709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210428103759.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 24 KB
24 KB 196ms
195ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210428103759.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64a6eda4eef1a3873a1fed875ebfce9d202863f6a97ad3da716498aa38ffbf4

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 24144
cf-request-id: 09feb3f7410000d7092ea04000000001
last-modified: Wed, 28 Apr 2021 13:37:59 GMT
server: cloudflare
etag: "5e50-5c1087cb6c113"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8mnPC57JmVcUWmexVOACRTgry893eXh6gIm3LTjyv3JOh25SlWrZseFBthta4sRe1UwgqCOr0LMlccwQDDUn8TDUB0dKAMHezLGaTYQ09CxG3ciKgv1NXFvlJYIJJPgE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ecdaad709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210504095825.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 41 KB
41 KB 201ms
201ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210504095825.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9304d3dd4e2e0f764b666ae3aa5a14dd4340c4b86ab4d8fcbafcec050cabc291

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 41702
cf-request-id: 09feb3f7420000d709d7277000000001
last-modified: Tue, 04 May 2021 12:58:26 GMT
server: cloudflare
etag: "a2e6-5c180a2472956"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x3Or0QeBjTy8qQBCBJj%2BzLd4Vk1NJ9cXZXpdhKuBdsClC3hwWvpstc0cGTUix9ha6u%2BEdurchB0csE6lcUNIFis9Eknm2Bq100oLwcb6ETUq2McDwiDqbSCtzrBcOIEY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ecdb0d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210503125206.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 39 KB
40 KB 199ms
199ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210503125206.jpeg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73caad0a4f542d2939717a447c7bf9fff803bc3181d8719725afd6decde34b5c

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 39968
cf-request-id: 09feb3f7410000d7091ba06000000001
last-modified: Mon, 03 May 2021 15:52:06 GMT
server: cloudflare
etag: "9c20-5c16ef1910d1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yxUmxgeqe97THuCI5lPStWL52Z5fQwjZFPPfygMpvqo3aPDPxHpakBrb0jGujseTsmqlrllaxdKiprldNgcjHK%2FJnvpsCuJYiHbzkj3Ug6H4hJ6ThTpeuHY%2Fbxi%2F1kFV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ecdaed709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210503095143.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 39 KB
39 KB 183ms
182ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210503095143.jpeg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73caad0a4f542d2939717a447c7bf9fff803bc3181d8719725afd6decde34b5c

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 39968
cf-request-id: 09feb3f7420000d709edb89000000001
last-modified: Mon, 03 May 2021 12:51:43 GMT
server: cloudflare
etag: "9c20-5c16c6c76c6fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0MDVqOPyaEXVShYwazOgz0F%2BzY51wO2azlYiUivwj4EH1qO8LaAO7NvFgmkGHcvxpHTwE7IsOamOnRUQW0YSIDDFxImz5Ln37FcKWll494M%2BxQRqICJdRH3%2B5CKw3no6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ecdb4d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210426102221.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 77 KB
78 KB 189ms
178ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210426102221.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46c03aa9f91f541467fba3c22e51a8029cb8e009783de4917aa5abc1e1920003

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 79199
cf-request-id: 09feb3f8090000d709f39f7000000001
last-modified: Mon, 26 Apr 2021 13:22:21 GMT
server: cloudflare
etag: "1355f-5c0e009205c62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7DFumyufVFnSxsrO6cbk14AYgl19r0DHwLNRM2v0%2FPv9s4rZXhcvsBjwi9MyB709oLyuOOAd4ZtW5J8XMEXg4GJ2F08XZYR3ExDpC4iLlD8yBrUc3HoIBYmRhCU9CkG6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a00fced709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210423090435.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 54 KB
55 KB 189ms
183ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210423090435.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5c00d2fecba623d7af61252e500d55408b6c38049d6576bb238912544406755

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 55653
cf-request-id: 09feb3f80a0000d70905947000000001
last-modified: Fri, 23 Apr 2021 12:04:36 GMT
server: cloudflare
etag: "d965-5c0a299811cff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=99tzx0srh%2FAkFKtDWheeTfMfn1%2B0ZmfxjBd2G0KR%2FJVYe79fG2e5A1PbxS58366rcNRWjLLnqQaVx3%2BeHW5HlKyDDWUEJhI5%2F8RfeXcfeWWI0MxBg%2FHx%2BL3%2BVjO6Fhme"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a00fd0d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210422091404.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 80 KB
81 KB 191ms
189ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210422091404.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68757e2ded330991d550da9f1f57fca114f9ef2f9f3e2088bb32a80fb0af3c17

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 82284
cf-request-id: 09feb3f80a0000d709c393a000000001
last-modified: Thu, 22 Apr 2021 12:14:04 GMT
server: cloudflare
etag: "1416c-5c08e9d852df3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kWp9pVFIhchEPYlDW1zMZvejbOAj5XrZpeCdsECEJ%2BRpCj9wYh1XaCjSxrVEmKCuF3Ve4ZnA%2FY7qNnEzZkMdFeQ589JUFBIuMwj1PhvMBbEkd7rXZf0pkyYg5kxTp5gF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a00fd1d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210330103428.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 38 KB
39 KB 185ms
184ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210330103428.jpeg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d463028ddf12b42ac722343c42b5c5b93c8578cc28933dc87e85813dbbc27c7e

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 39392
cf-request-id: 09feb3f80a0000d709c006a000000001
last-modified: Tue, 30 Mar 2021 13:34:29 GMT
server: cloudflare
etag: "99e0-5bec10ec8687a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VCoVIBcsEe3zJagq94EdcgUHd2Ou%2F9nVZ9i0cun4GhEPbBZFUUZBQZzSBnZN%2FAYa2T%2BSxWCg1Y1ssi5uW5ID2JbRUjP%2FsVtZUUldpdA4TtfU57yzB6xzNUa65mBZqDMi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a00fd3d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210422090705.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 78 KB
79 KB 182ms
181ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210422090705.jpeg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95617c2f2400f1e1fd34714065d8d67cb07a9152bc4576a03376111104ec2d3

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 80054
cf-request-id: 09feb3f80a0000d709e6184000000001
last-modified: Thu, 22 Apr 2021 12:07:05 GMT
server: cloudflare
etag: "138b6-5c08e8496f961"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1%2FMz3uQnw3hbgC5uKQWx00AO8fXFpozPnQBD3QlF6OK5FSoPAQo9ClKgzoC6b8SkRBN%2BnBikHygtsmZQx1ndjtbgBwuR1aYVPKULMBS%2BAcXatmtvVQWfaHfwW2%2Fc%2FL3c"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a00fd4d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210406163919.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 53 KB
53 KB 180ms
179ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210406163919.jpeg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0436a44ae68115aa5198b28df89d6dfb88066bc0684efda747a08c4a6bced57e

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 54387
cf-request-id: 09feb3f80a0000d7091096e000000001
last-modified: Tue, 06 Apr 2021 19:39:20 GMT
server: cloudflare
etag: "d473-5bf52f87b65db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GpSm7UgyZc9%2F2nkh6L9pSrht8AvPg94f7IIwc9AvMqY8A4NiNM4MzvUlopf%2FgytYWfJ%2FbWOOA1uK5Cx1AAUh2YW8%2F6cp9VUyhyCUTyfuJCKLct2%2BOGh7e9wqmoPr5kIo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a00fd5d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210401112348.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 76 KB
76 KB 180ms
176ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210401112348.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb703c263d1a34eaef414e08ce6e0d8736b7380a244d9f4050e06d38faa70c1f

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 77521
cf-request-id: 09feb3f8c30000d709c4936000000001
last-modified: Thu, 01 Apr 2021 14:23:48 GMT
server: cloudflare
etag: "12ed1-5bee9fadac0cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8SQdcPBgld%2BnejCCMxahuTLvY0GvJkJ%2BjRTz9YGZJt2jquQX1dQmwJPCSV1Md%2BF8gMzzDojF%2FyAu%2BED3t%2F16bSOTJUEA7TcEtWViE8FiTlreX963d0%2FCeg8%2FNSOuM1Db"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a139d5d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210330102507.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 30 KB
30 KB 184ms
181ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210330102507.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69a94baaa2eb6f59cb567a411b7770b3a127b74136da60375df2cba74de9b790

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 30755
cf-request-id: 09feb3f8c40000d709edba3000000001
last-modified: Tue, 30 Mar 2021 13:25:07 GMT
server: cloudflare
etag: "7823-5bec0ed47abb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fM3iNXPh%2Fd5oL1d7vTwUSkP6zua7fyej%2BambEYV3NC4NAwGWo%2FDfxvSItjBAJrGmGzZ2mSs%2BsuUoYMOK9f03rxtdKZCp7dffLGIiNPR1TvJJkNfx%2F0EbXr96KU0ZdRHz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a139d7d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210510085246.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 59 KB
60 KB 179ms
178ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210510085246.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 102c4dcaf14de7189955beb041af0a46f1f2cd64ccdc1aae9d0e73ca1bbfa589

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 60535
cf-request-id: 09feb3f8c30000d70905954000000001
last-modified: Mon, 10 May 2021 11:52:46 GMT
server: cloudflare
etag: "ec77-5c1f86a7d0798"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3ujWGNRoCXAQoQ406vw4QAQdL9HkghM5dub0%2BFGz%2FhG4hNtH0HNAlouMMHqsVtcOHAcMcEhiank%2BqkbAHR2ttu%2B2D6jIhi1uuQ3dU8205tam3w%2F4wYsa0tQDNqSl1Hys"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a139d8d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210507095142.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 45 KB
45 KB 178ms
177ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210507095142.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0717167f38599e8e1087fff662b908e21692ea9b211d1039ff970630f1dfa7c3

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 45793
cf-request-id: 09feb3f8c40000d709f3a06000000001
last-modified: Fri, 07 May 2021 12:51:42 GMT
server: cloudflare
etag: "b2e1-5c1bce3b98a1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1sBJn9%2BbOgnyeGSPcS%2BZuhvfFTBpxV75juxmm%2FWO58S9H5SeQaAYdiqL%2FcJHMnUIzJLTT%2BEoYdWzjZsUPDxioMFdLLn8fYpWcDpOJU%2F9X22HlO%2F9ZbrZhnywDyqfN%2B7Z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a139d9d709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210507085412.jpg
pbr-str.srvsite.com/arquivos/8546/noticias/ 62 KB
62 KB 178ms
177ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210507085412.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983d6ed0ae918a73285d323b302f283b1f83aecdd1fe893f1c7b05c7cdba74e7

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 63211
cf-request-id: 09feb3f8c40000d709de22d000000001
last-modified: Fri, 07 May 2021 11:54:12 GMT
server: cloudflare
etag: "f6eb-5c1bc16161823"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zNc44HkrAMMozYe7y98s6en1wZe1ukpvBesvefq59JWESj4AUp8%2BT2sk13VC3y%2F5JOf7qzgS%2FK3S97dODgYqprjQw9SEAULmHTYqAxoD5bOg2JrHBBmfxJAyp7LwYuwe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a139dad709-FRA
cf-bgj: h2pri

GET
H2 200 noticia0.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 36 KB
37 KB 109ms
106ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/scripts/noticia-atual/noticia0.jpg?data=5eb849e6da710a1375f2e1f58b691d5d
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3204152a4d606847c044a4b0a7722430cf2ea27213daa1c47c38a5432639353f

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 36983
cf-request-id: 09feb3f7350000d7092021c000000001
last-modified: Tue, 11 May 2021 19:00:03 GMT
server: cloudflare
etag: "9077-5c21280696186"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1J4rDeIS28yYMQEjQjnL%2FHMuUztKx2QGpnPA1EJYXF70yBTyFcIdCfAXeQAY%2BX4%2F70knVsIL%2FFDvdZCMGAeQshOOGuISMaG2ZnFIRGSNbKCR%2FNbhUTn5ySqLsRSVXwpb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ebd78d709-FRA
cf-bgj: h2pri

GET
H2 200 noticia1.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 32 KB
33 KB 117ms
114ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/scripts/noticia-atual/noticia1.jpg?data=5eb849e6da710a1375f2e1f58b691d5d
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 943436bc09791144667689b1ceccd57c5d9d9a27401bcaf312f46de72822c169

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 33181
cf-request-id: 09feb3f7350000d70905937000000001
last-modified: Tue, 11 May 2021 19:00:05 GMT
server: cloudflare
etag: "819d-5c212808b039a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9oy8aYXI93d1%2FQ623pJMiJUZwjTWbJe8UpOQW4WuP0ohAk2TsLFdBOLXZwvzPgcaMtzFekv%2BxgawLCIn5l3DcWIvCnh1%2FaWrcNk9MgGSJLVb9COlBRdMmEYTjDAp5WNO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ebd79d709-FRA
cf-bgj: h2pri

GET
H2 200 noticia2.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 27 KB
27 KB 162ms
159ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/scripts/noticia-atual/noticia2.jpg?data=5eb849e6da710a1375f2e1f58b691d5d
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d072fcdcca181a09ff4bfb4531b10389e2d7b6e5e4cd29f57795ce4680fcf6f

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 27602
cf-request-id: 09feb3f7350000d7093faf1000000001
last-modified: Tue, 11 May 2021 19:00:06 GMT
server: cloudflare
etag: "6bd2-5c2128097c57e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EwhTjCD2cBr4F3CgJjNxDN4BRS1kLbNUJkDqCyZJAD2nxAkKdmbUbxIsKKtA2%2FO67VxviXehlt%2BNxY8S7TnNMBMFjE72LKapIxZn%2B2pGq3NAeD5zuISMaFGJwP5XG3vU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ebd7bd709-FRA
cf-bgj: h2pri

GET
H2 200 noticia3.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 30 KB
30 KB 111ms
108ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/scripts/noticia-atual/noticia3.jpg?data=5eb849e6da710a1375f2e1f58b691d5d
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a38a246a97e8679b1a01e4a32b6e693ba568d805f08839c9f9abf473661b1ac3

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 30229
cf-request-id: 09feb3f7360000d709e224b000000001
last-modified: Tue, 11 May 2021 19:00:07 GMT
server: cloudflare
etag: "7615-5c21280a477c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DaxCmnHhKLbC%2FatbKWHQH4h2Y40rFg%2BCkPoPm4PrvhHmjQBrmZOyw6JSigoZ0KZiwmJoyO5SxSXzOJ7dmIN47gc3dTOYk1I%2FtobP07qz83MpxZjX5JcMBpTFx%2BfmH%2B5u"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ebd7dd709-FRA
cf-bgj: h2pri

GET
H2 200 noticia4.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 22 KB
22 KB 110ms
107ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/scripts/noticia-atual/noticia4.jpg?data=5eb849e6da710a1375f2e1f58b691d5d
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b603a212a84fa3d77b7392b397d98900b01f1f55c3741c410ebb9f06bd4ab6e6

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 22253
cf-request-id: 09feb3f7360000d709e6176000000001
last-modified: Tue, 11 May 2021 19:00:07 GMT
server: cloudflare
etag: "56ed-5c21280b2ef2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1fIvjLAwbDAd37jiuQ%2BB%2Fs74grm2BO14XZFYsEXi2Js627xJC3%2FQfM1A%2FAii%2FFh5tF6Wzj3m%2BrbSpKPC3Aw2EX8LeW1fIYhkpLj2e3oCvoNQs3j3ToUZiF3mHQGyF%2Biu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ebd7ed709-FRA
cf-bgj: h2pri

GET
H2 200 noticia5.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 33 KB
33 KB 137ms
135ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/scripts/noticia-atual/noticia5.jpg?data=5eb849e6da710a1375f2e1f58b691d5d
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cb19a5eb4fc68bfd1404068a978315fa73749bb9ee9fdac7558f96510e357bc

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 33561
cf-request-id: 09feb3f7360000d7093d960000000001
last-modified: Tue, 11 May 2021 19:00:09 GMT
server: cloudflare
etag: "8319-5c21280cc0594"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NuN%2F4fAmmViclF9FwNYewX0%2FsJoZ0cVRFZ4UkJkJ3aXpvBAsOH5%2B4BXo%2BPLuUnxiDjiRhUO0N%2FCXGsG3nVc6H5tbB1Z9l5KbYeHKcELT%2FTcWDoLAsd8%2BXIah8Ig6pJqS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ebd83d709-FRA
cf-bgj: h2pri

GET
H2 200 noticia6.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 22 KB
22 KB 123ms
120ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/scripts/noticia-atual/noticia6.jpg?data=5eb849e6da710a1375f2e1f58b691d5d
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a72237795009a9cd01d84135642aa6738e1a280592ccaa19922247b06fd31c3d

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 22608
cf-request-id: 09feb3f7360000d70902153000000001
last-modified: Tue, 11 May 2021 19:00:10 GMT
server: cloudflare
etag: "5850-5c21280db09a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tSZqtdkZun0CbGPJcnnyPioOd5utT6oV7ALumAeIETIr%2FdIF9nTFt6%2BGzifcbpFxeia7CiXdnYR8Em5ow1%2FCJ6euCv7wnJuNDaa3UXq5jxaKznmsRV%2FhDXp%2BbiQhxJlE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ebd85d709-FRA
cf-bgj: h2pri

GET
H2 200 noticia7.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 18 KB
18 KB 106ms
104ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/scripts/noticia-atual/noticia7.jpg?data=5eb849e6da710a1375f2e1f58b691d5d
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f5d06ab1ce6abb10fdeb3d0703281b7963d552aaa5e60a62ab0ca6c40641376

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 17964
cf-request-id: 09feb3f7370000d7091932f000000001
last-modified: Tue, 11 May 2021 19:00:11 GMT
server: cloudflare
etag: "462c-5c21280e98111"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tDWGWijZ0kXJ07z%2ByXMv0CUj%2F%2BfMUMevJYsFa%2FfBYbizaBHYterM2HgMkG8wB4KTs5wmijfcMvXJzXLXHiv8yUEimEeAwUb9%2Bvsk3RpboTDe9csJADxBauoB%2FZfWwqjA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ebd86d709-FRA
cf-bgj: h2pri

GET
H2 200 noticia8.jpg
pbr-def.srvsite.com/scripts/noticia-atual/ 28 KB
29 KB 129ms
127ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-def.srvsite.com/scripts/noticia-atual/noticia8.jpg?data=5eb849e6da710a1375f2e1f58b691d5d
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a19fa7f8e59b63790b965514e005c344012a13b22baccb048bd6c7fddb80f0b

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 28885
cf-request-id: 09feb3f7370000d709238ca000000001
last-modified: Tue, 11 May 2021 19:00:13 GMT
server: cloudflare
etag: "70d5-5c21281017e31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rCIqJYAizeqFpWPtA%2BGIPAz9rs83t35mil9g4wSf7oAasuc6Hc2gFE0hdUyzkoK1xFtuXbZQwRLihzMmiitkSfAh9AjoJLaqoT1D3KdBFsUhqRpMt5cAe1BohCBy%2Bafk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de229ebd87d709-FRA
cf-bgj: h2pri

GET
H2 200 hqdefault.jpg
i1.ytimg.com/vi/wUHsyRgnsPg/ 19 KB
19 KB 28ms
6ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/wUHsyRgnsPg/hqdefault.jpg

Requested by

Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eeadb37f92da3fc82aaa7834bf9f38b1e656bad867c014287375bb09d729cb9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 19:48:46 GMT
x-content-type-options: nosniff
server: sffe
age: 2186
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19325
x-xss-protection: 0
expires: Tue, 11 May 2021 21:48:46 GMT

GET
H2 404 hqdefault.jpg
i1.ytimg.com/vi/gYBzHhvqF_k/ 1 KB
1 KB 40ms
18ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/gYBzHhvqF_k/hqdefault.jpg

Requested by

Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Tue, 11 May 2021 20:25:42 GMT

GET
H2 200 hqdefault.jpg
i1.ytimg.com/vi/nLJgYCGCB4s/ 9 KB
9 KB 33ms
12ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/nLJgYCGCB4s/hqdefault.jpg

Requested by

Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3deffcfa87fc2372ad0a499e7839177b1f07cc5e949754825e97b803a87a52fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 19:17:13 GMT
x-content-type-options: nosniff
server: sffe
age: 4079
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9071
x-xss-protection: 0
expires: Tue, 11 May 2021 21:17:13 GMT

GET
H2 200 201212191018431.jpg
pbr-str.srvsite.com/arquivos/8546/galeria/943528/ 56 KB
56 KB 175ms
175ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/galeria/943528/201212191018431.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16d90af33c6eb709e5081e03595244176455b43361cc4222feb05a0b45999108

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 57072
cf-request-id: 09feb3f8c80000d7094500b000000001
last-modified: Fri, 18 Dec 2020 11:37:44 GMT
server: cloudflare
etag: "def0-5b6bb8968e8b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dCofUpUxyHhO4LBAx4mzxmWnvH65Lyr1rk3gCw8EvQS%2FGyxeG%2BZB9GxaMCN2HiiXfS4W2lOXAe3EQFSm7NEt4iLSoNdJjrMQuKbYd3ADW%2BcsLvL852%2FaAAJCMt2tDRAE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a139e4d709-FRA
cf-bgj: h2pri

GET
H2 200 201212190958152.jpg
pbr-str.srvsite.com/arquivos/8546/galeria/943527/ 54 KB
54 KB 177ms
175ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/galeria/943527/201212190958152.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89906256173fca5b350116d6af0a29daf87b322e710e5f3ed8c708327c8856e8

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 55262
cf-request-id: 09feb3f9780000d7093aad8000000001
last-modified: Fri, 18 Dec 2020 11:37:44 GMT
server: cloudflare
etag: "d7de-5b6bb8968e8b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LOJwEOuLuHZLd%2BAcSoMuYPNKJaSRq9UOogftY2l1LU0crONqTURUpn%2F4HI%2BWjQwLzmUhnTLIiajplN3hDq45gt%2F6RNoE%2FtobaP7NdQsKd3eUfygaMssU06iIPaDfMRCA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a25c0dd709-FRA
cf-bgj: h2pri

GET
H2 200 2012121910002912.jpg
pbr-str.srvsite.com/arquivos/8546/galeria/943526/ 104 KB
104 KB 184ms
182ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/galeria/943526/2012121910002912.jpg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 395938104eef4d42a03e1e319f02a5b30ac0ccab534eb1b75b1fb744678361b5

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 106189
cf-request-id: 09feb3f9780000d7092b2e7000000001
last-modified: Fri, 18 Dec 2020 11:37:44 GMT
server: cloudflare
etag: "19ecd-5b6bb8968d912"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QCFPpYOdylwQZ41yFnOiBUVOfInR0m7oAdHx3e6I2B3A5Wpna0N8XeyehEv4PCDU8WCSs3vyToNBrqZq3WebTXsUH%2BubRqVefLaonUtdSNl%2BCBB1Bh64ni5LwVW%2FBfXY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a25c0fd709-FRA
cf-bgj: h2pri

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/ 223 KB
82 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2140207384726849&plah=www.expressodopovo.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6130fe8ded2255439c42cf9e805c28b1a72bfcad166d9dcd720243d33557628b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84099
x-xss-protection: 0
server: cafe
etag: 12011922212658401594
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 11 May 2021 20:25:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/ Frame 0257 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210510/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.expressodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.expressodopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 11 May 2021 18:01:56 GMT
expires: Tue, 25 May 2021 18:01:56 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 8596
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 211 B
415 B 79ms
76ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.expressodopovo.com.br&callback=_gfp_s_&client=ca-pub-2140207384726849

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210510/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2140207384726849&plah=www.expressodopovo.com.br&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ba3971963125a18557ff4e454eb09446de0e3214dfe1bb59a0d755eec884369b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.expressodopovo.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.expressodopovo.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E06B 603 B
67 B 64ms
63ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2140207384726849&output=html&adk=1812271804&adf=3025194257&lmt=1620764712&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.expressodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1620764712822&bpp=4&bdt=282&idt=70&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6059734170283&frm=20&pv=2&ga_vid=1530278960.1620764713&ga_sid=1620764713&ga_hid=1600101053&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956&oid=3&pvsid=3996324760791146&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=123

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2140207384726849&output=html&adk=1812271804&adf=3025194257&lmt=1620764712&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.expressodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1620764712822&bpp=4&bdt=282&idt=70&shv=r20210510&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6059734170283&frm=20&pv=2&ga_vid=1530278960.1620764713&ga_sid=1620764713&ga_hid=1600101053&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956&oid=3&pvsid=3996324760791146&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=123
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.expressodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.expressodopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 11 May 2021 20:25:12 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 11-May-2021 20:40:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620696588139699"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Tue, 11 May 2021 20:25:12 GMT

GET
H3-29 200 MezyoJrtqwR.css
www.facebook.com/rsrc.php/v3/yR/l/0,cross/ Frame 5771 26 KB
6 KB 7ms
6ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yR/l/0,cross/MezyoJrtqwR.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f84cbc4003970cf4410a5f759b3f04ca535de9114f45a867669e05244998c630

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 17:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iS4ZNDNTwEb8sMTP73F6xA==
cross-origin-resource-policy: cross-origin
content-length: 6119
x-fb-rlafr: 0
x-fb-debug: drD+I/rxVlHd0UdoVnVOGBjbcVYyqqDQEV8+t0olCj58LubKxIojP8GCX0xvzOsyUMMZ2YaCNshn17DPAO1K5A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 May 2022 17:23:21 GMT

GET
H3-29 200 oZNXTRaOWjx.js Show response
www.facebook.com/rsrc.php/v3/yK/r/ Frame 5771 292 KB
79 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yK/r/oZNXTRaOWjx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

589222eaa89338e39dcfdf25b7362e2af8a4298c40a24d157a9369d166162d8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 03:55:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5GhlMOLbjSAoSwDbYAtSgw==
cross-origin-resource-policy: cross-origin
content-length: 81175
x-fb-rlafr: 0
x-fb-debug: WtxgQEfQtHh0gJEBFvvXNP0BC5mEo5dtVikIQ2uYro+YoqG+pVmcN8sUtUr1Xn6XFSmdOeUEKncX2XhRtnd2Lg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 May 2022 03:55:30 GMT

GET
H3-29 200 DUV2z6nTgU6.js Show response
www.facebook.com/rsrc.php/v3/yW/r/ Frame 5771 63 KB
19 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yW/r/DUV2z6nTgU6.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ab77d8a35736b5f5c4a04be103d14226b2cd36c06150fb8ed8cc39d46caa31d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 19:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WKBQdaPlu64R96rqlppOpg==
cross-origin-resource-policy: cross-origin
content-length: 19682
x-fb-rlafr: 0
x-fb-debug: 3j4TLhZAEj+7p2LnkP1XQWWIyBmrNsFG8qM8lxk4TZHCfGBOzV2I8D1NjnOaFkrcSWYsCb1rZCkB85TUhvCkEA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 May 2022 19:20:22 GMT

GET
H3-29 200 __q9dxH6_x1.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yi/l/en_US/ Frame 5771 128 KB
36 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yi/l/en_US/__q9dxH6_x1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ec44b70aa20129513bc61eb4b86c1ca854b425cec7eda03f8652093374c0f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 00:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 96/585IxIDTBVc7RVxq/Yw==
cross-origin-resource-policy: cross-origin
content-length: 36441
x-fb-rlafr: 0
x-fb-debug: l5yWrOfZJQLPLc6TQboyL8zQxRDaVBWU9N06jbYAKKBKOqOptfbpM08FHWArWOhOLCkbC5zo0Hc4tcVwmR/JwA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 May 2022 00:36:35 GMT

GET
H3-29 200 IEOQM8FL8ot.js Show response
www.facebook.com/rsrc.php/v3/yr/r/ Frame 5771 5 KB
2 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 04:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy: cross-origin
content-length: 1630
x-fb-rlafr: 0
x-fb-debug: oGrFn23WstnvOInIMzetw/oyr8HfKP3h+XuIgNPI/g8aCHHwyn+DoYLycNquZy1+Ol7AAkmyMg3b8pgtSCLJsw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 May 2022 04:13:09 GMT

GET
H2 200 137209411_102933905101014_2700935470697953700_n.png
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/p296x100/ Frame 5771 33 KB
34 KB 56ms
34ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/p296x100/137209411_102933905101014_2700935470697953700_n.png?_nc_cat=111&ccb=1-3&_nc_sid=dd9801&_nc_ohc=MLxoMB3BOk8AX-wGoQn&_nc_ht=scontent-frx5-1.xx&tp=30&oh=c7f54e8be71b7e81d687128a89238cef&oe=60BFCA39
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ecb0cd3fbab1a2b71d4da0ac45cc40cfd17611c283386a33fd5c933c24f664d3

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2270200937
date: Tue, 11 May 2021 20:25:13 GMT
x-fb-trip-id: 917726464
last-modified: Fri, 08 Jan 2021 15:31:39 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 305059246
x-fb-config-version-olb-prod: 1096
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34210

GET
H2 200 136421757_101357418591996_93690616390110390_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame 5771 1 KB
1 KB 50ms
32ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/136421757_101357418591996_93690616390110390_n.jpg?_nc_cat=101&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=-dyj_HbirgQAX_eT_iL&_nc_ht=scontent-frt3-2.xx&tp=27&oh=8bae4414bd50062602b1b0fa9fee7741&oe=60C07C8C
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/Expresso-do-Povo-100918045302600&width=290&height=160&colorscheme=light&show_faces=true&border_color=%23EAEAEA&stream=false&header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1e82e9db3f3b786071e01a40b1d63299d8cf8b03449171099c7f6707ddd0b6a1

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2395487353
date: Tue, 11 May 2021 20:25:13 GMT
x-fb-trip-id: 686109401
last-modified: Wed, 06 Jan 2021 16:12:58 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1654948120
x-fb-config-version-olb-prod: 1097
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1170

GET
H3-29 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame 5771 573 B
623 B 8ms
6ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yR/l/0,cross/MezyoJrtqwR.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yR/l/0,cross/MezyoJrtqwR.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: ZnZiUKvlmlsy0Wj9fbOT4YCGgfQheQHC5TomoMcl9XW9dKhgxmJKp4Uh4IwOk9v8Gi7Vx6dtvy4fesmqFIewHQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Wed, 28 Apr 2021 18:33:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Thu, 28 Apr 2022 18:33:43 GMT

GET
H2 200 not-8546-20210511133414.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 50 KB
51 KB 190ms
190ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210511133414.jpeg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ce431d5f4e218c62d1f7276a8e32ed299a799c593b46f18e13e9c4e4e619a12

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 51603
cf-request-id: 09feb3fa340000d7092b2f6000000001
last-modified: Tue, 11 May 2021 16:34:14 GMT
server: cloudflare
etag: "c993-5c21076f66870"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ILgVAA4FLsJPdaOgwqa7TntkPWL6lHMUH6MZKx%2FxW4BAdujVXbJllfXI7fJP%2B%2BIGs9GXoeOgDYHVqUpRRGr3GtJs7Vm4rRoGfWOAVsVEZiTH44ZAR%2FC8ailz%2FO%2B34tb2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a38e3ad709-FRA
cf-bgj: h2pri

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 32ms
19ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210510&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b15e75dec4d430a03068709d6864652abb6a9517f6b3e5ef5061120120a5403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 11 May 2021 20:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7665
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 11 May 2021 20:25:13 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 9CF4 12 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.expressodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.expressodopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 11 May 2021 19:23:34 GMT
expires: Wed, 11 May 2022 19:23:34 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3699
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9CF4 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 06:45:02 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 49211
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Wed, 11 May 2022 06:45:02 GMT

GET
H2 200 not-8546-20210511103631.png
pbr-str.srvsite.com/arquivos/8546/noticias/ 81 KB
82 KB 184ms
183ms Image
image/png 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210511103631.png
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d6334f841c9998885f23c66952eddf47c60a966c617a2e475b34b6b2823b40

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 11 May 2021 13:36:31 GMT
server: cloudflare
etag: "145dc-5c20dfb63f827"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=peCZuGfDnveYCOdCQW5qfI28Zprg0BVL0HI9lWDp51R3fdlyV1JJ6%2BvcuBHbbiySIPAoXjFbIKyzKa3EXnQMst8Hvu2Qiwsw9L4r%2FQC%2FMgEK6LWmaakBzHPa1%2FyFlvV0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1800
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 64de22a44fcdd709-FRA
content-length: 83420
cf-request-id: 09feb3faaf0000d709c80bb000000001

GET
H2 200 not-8546-20210511115709.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 72 KB
73 KB 182ms
182ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210511115709.jpeg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a375e1a0c6c9ee16c8eebebe88151b3042124602e4ff3ad09278ca6cb89ee6a0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 73873
cf-request-id: 09feb3faaf0000d709f490e000000001
last-modified: Tue, 11 May 2021 14:57:09 GMT
server: cloudflare
etag: "12091-5c20f1bbe07c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xVB91U5%2Bh6DpOnckMpIGZ79qO4LYuS2gQkNUD%2FcwV6PLoG0pzN2ICACj8XaOqQL6Qv2i9TRCi3cIRD8SxGPUAJnPEy3hb6PUe5C7XuBbf6%2F88p4QrS3OivT993si1Se%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a44fced709-FRA
cf-bgj: h2pri

GET
H2 200 not-8546-20210511114643.jpeg
pbr-str.srvsite.com/arquivos/8546/noticias/ 63 KB
63 KB 186ms
185ms Image
image/jpeg 2606:4700:20::681a:160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbr-str.srvsite.com/arquivos/8546/noticias/not-8546-20210511114643.jpeg
Requested by: Host: www.expressodopovo.com.br
URL: http://www.expressodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:160 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6deae2ab1e6a1891bbdcd4f30efe1bf28f4facdfaa5519632223a8a59012a56

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 11 May 2021 20:25:13 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 64141
cf-request-id: 09feb3fab00000d70902189000000001
last-modified: Tue, 11 May 2021 14:46:43 GMT
server: cloudflare
etag: "fa8d-5c20ef66f9ed5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rcDOqnRTtKGs2iHseBQ2ac66RTVm6vSgwuZmWJbBKWjAgRK9dPMB0tEjyK4ocGSgIhBRTkQdODIHqYZ8jPmfCQlBWUgkEjAVWQ7Z0Ikb4ydVyLejS2I9deud7G2iDm9L"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 64de22a44fd0d709-FRA
cf-bgj: h2pri

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210510&jk=3996324760791146&bg=!6Oul66_NAAY59bwoOfU7ACkAdvg8WoaXR11oCvBqTRt9-wrgq1hIABSdn5o8DjkvcgNqWDgbWDtVZgIAAAC2UgAAAAtoAQcKANACkhBNweEFMx2wOgxoI7U_2GQecVLKHkpKls-0Sk5dgaQ8AXiEUA2xqPUjG-JqeaU_Xyg6moE15VLnPcYtZ-MWuAmW2uNvuGAGKN8lQjpV3tH2WWAcamxJsQ7C2ybcF0eWacWvBQ5SlElU45inCv496erOPtkdOWRffRMlxyC7XmXJ-8RhIbJfh16XrrQa6hTlGPpUH33eOwxD-dsxajtwZfhSfC20prWNbPxwKX1ylUfOEyUadAahr6hAd78mOefkunRNHi2OgQtEDOKbHrr8mQJEQ341fPEiYmjtaBFpWWFdcieO1bWyCY4oxkXNAckW1SASBV0LZJdG7JxVVSShRLwrUwmjlSbix963fGkxOyxONsLXwJEH5lqC3RdESulMvwR-nRLyKxUgksO9NXWzDno1tdJ1GdzgLTCSn5M6NWG-hmhpin2csTNoffqvESE4mq0M0q171SiNZ03h6FR6JfPZH9-3cwNzq5LDOpzTA_C4D5g8Bpj6ykly05yQPOPTD-CTK4EKF3IpZllF-kvGV09-7MAqkyMnGOytFdFaP7LTRlOP81phR6AB4wvylfKKPrzTwHYbH8yjnjLIwIjSkeq9RASJ8JdrT3RzrDfbdTFjN9fN8gsvYxZk1Txl2ClBUGTq-eP2eL9T37ut9LWlBwJcubh2fGuGwi1APlzYRY0w7UD11dGOVBai2M_sdpGBW5bjcGnrIjxF_Ayp2NVScLcyFzuU7t657hahQJHDNv6k280kQcVypHPhm4r6XqzUJ65ASZZ4uai_03mm9q8tBrexisIoooQYojXlTNtHEWwvcJv_FgVZrYmUfZ2fgfwkD6I6W6yQSm30ak4OyP5a9V2EH09uGDbnTOIzFZXEfG3oXYcwhUCS2ityTpcxUk2IiDTIankgAk81CdLvwV4jdGlhI3WSAq58UhOIpMWitcO9Dm5ris_9yDHsu6s8riqBUNfuZanwfky9jJRPugOU70pPVTbj99HrIUA3QJ0VCqOLyb0l8ZETlujaKPZpLBWVK2-tyXGNlZrgNt_-0yeBAn7Yv2x0MA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.expressodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 May 2021 20:25:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 18:12:45	Name: test_cookie Value: CheckForPermission
			.expressodopovo.com.br/	1970-01-20 03:34:20	Name: __gads Value: ID=2fcd0716d5836679-22f832830dc8006a:T=1620764712:RT=1620764712:S=ALNI_MbOYbOFZTkCS4g-YeqeM7MHPAhVWw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
expressodopovo.com.br
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i1.ytimg.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbr-def.srvsite.com
pbr-str.srvsite.com
scontent-frt3-2.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
tpc.googlesyndication.com
www.expressodopovo.com.br
www.facebook.com
www.googletagservices.com
142.250.181.226
165.227.252.94
167.114.119.26
2606:4700:20::681a:160
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
016b91219c6ed7712bdfed0dfa714b53c5df005847771cddf79e2a3a5d5679ac
01a5043e72cb1396762018f864155e23d9a75e37de811a63cb6669404241f65a
0436a44ae68115aa5198b28df89d6dfb88066bc0684efda747a08c4a6bced57e
0717167f38599e8e1087fff662b908e21692ea9b211d1039ff970630f1dfa7c3
0a5b91086e79560877ff54970caab310af98c8b4f24db75ac8e9d0c1048e949d
0c773f7903d78d202efe61f0a47a1f1ce8f0ca406f4af121ceb112c23b257ac9
0fc07537211d90c5b02891f28756377492ff99d3b06012a787906bac66067d19
102c4dcaf14de7189955beb041af0a46f1f2cd64ccdc1aae9d0e73ca1bbfa589
1030a730899f027cc4de4c2db3d45f48cf73a1051c815279c93c2a485a95a903
10e4d664df4253195736eb70d4da133fd5da5814679fec7eef0560c2b485ba04
16d90af33c6eb709e5081e03595244176455b43361cc4222feb05a0b45999108
1ab77d8a35736b5f5c4a04be103d14226b2cd36c06150fb8ed8cc39d46caa31d
1dadfc2259d45cd231c80d9e69dc11991eb0753dfb4b8f8f8e89fc4f72833e76
1e82e9db3f3b786071e01a40b1d63299d8cf8b03449171099c7f6707ddd0b6a1
1f06d878a8a3ec306f39b23e6d3c3296bc1ef6d08a50f9891d9d65e8a232a9dd
1fbd2c8347ea21c3aec216324f187409683dde29021154cb7ae0ed0f115a7089
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
23d6334f841c9998885f23c66952eddf47c60a966c617a2e475b34b6b2823b40
29eda05ff7a2c96da0e50522250dfe135ed05f5507b3a4634116f6bf29119a41
2aef7be2480368067003707696724d9912728ba05ba5fd8233e9c6cc5a1a785d
31c8de7c3023548e4205a8f61fa9d4b5c79707dc01710c8313184574afba2ee5
3204152a4d606847c044a4b0a7722430cf2ea27213daa1c47c38a5432639353f
33205051f6e37b9dc8139fbcfc22640e42adee6c5e26964f33850cb61c28a3f5
358cdd1475c9de436a9f9ba6cf4eddbfe9a906ce49a3aec366d55e082d9f048c
395938104eef4d42a03e1e319f02a5b30ac0ccab534eb1b75b1fb744678361b5
3a19fa7f8e59b63790b965514e005c344012a13b22baccb048bd6c7fddb80f0b
3deffcfa87fc2372ad0a499e7839177b1f07cc5e949754825e97b803a87a52fd
46c03aa9f91f541467fba3c22e51a8029cb8e009783de4917aa5abc1e1920003
4a6e02b00dadff3552cc2958791078e4b11fe3d997eb64a0132e5239b78473f2
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
4ec44b70aa20129513bc61eb4b86c1ca854b425cec7eda03f8652093374c0f5b
4ef9a18aef9847638b3b4344a0b2ebed14e84fb0aeb8ce29292af06826a2580a
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
589222eaa89338e39dcfdf25b7362e2af8a4298c40a24d157a9369d166162d8a
5cb19a5eb4fc68bfd1404068a978315fa73749bb9ee9fdac7558f96510e357bc
5ce431d5f4e218c62d1f7276a8e32ed299a799c593b46f18e13e9c4e4e619a12
5d3ab3c83c72b3220bfe179f795d6c87e2d87756577c5a7d51fdd99e89206944
6130fe8ded2255439c42cf9e805c28b1a72bfcad166d9dcd720243d33557628b
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68757e2ded330991d550da9f1f57fca114f9ef2f9f3e2088bb32a80fb0af3c17
69a94baaa2eb6f59cb567a411b7770b3a127b74136da60375df2cba74de9b790
6f5d06ab1ce6abb10fdeb3d0703281b7963d552aaa5e60a62ab0ca6c40641376
73caad0a4f542d2939717a447c7bf9fff803bc3181d8719725afd6decde34b5c
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7af0a3c8dff6ac422f4ef2274045a749085d566eb0ad957f326ab270b3098c03
7b15e75dec4d430a03068709d6864652abb6a9517f6b3e5ef5061120120a5403
7bdecfcca2f950af44cd5765a886ee6c0faccbbe6ad0160479a388349fd4873b
7d072fcdcca181a09ff4bfb4531b10389e2d7b6e5e4cd29f57795ce4680fcf6f
89906256173fca5b350116d6af0a29daf87b322e710e5f3ed8c708327c8856e8
8ebca2e343cf7e710efd1fb79e22dbcd9b4c86fb39b78eda216d1fb7fcc72f5c
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
9304d3dd4e2e0f764b666ae3aa5a14dd4340c4b86ab4d8fcbafcec050cabc291
943436bc09791144667689b1ceccd57c5d9d9a27401bcaf312f46de72822c169
983d6ed0ae918a73285d323b302f283b1f83aecdd1fe893f1c7b05c7cdba74e7
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9dc171a8ec42e774761f5fdced5e54bdf89879a496ae45fd961f260289136a68
a375e1a0c6c9ee16c8eebebe88151b3042124602e4ff3ad09278ca6cb89ee6a0
a38a246a97e8679b1a01e4a32b6e693ba568d805f08839c9f9abf473661b1ac3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a72237795009a9cd01d84135642aa6738e1a280592ccaa19922247b06fd31c3d
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
b0c59bd2eacde11afe8a1f60e32086839e62d5e63bc2346ae86cc4bc52bef074
b0dcc1a0abf892283624a518f4810c83667e7ea12ce1af855e5b3d83c63a1e12
b43b245e7b57a75d1c57b0e70779b88718a72a3544995b9165fd80678889b873
b603a212a84fa3d77b7392b397d98900b01f1f55c3741c410ebb9f06bd4ab6e6
ba3971963125a18557ff4e454eb09446de0e3214dfe1bb59a0d755eec884369b
bcb969ed193b134167917e74f7b93f42fe0b0346aa7aa4959e10967d03c42975
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6deae2ab1e6a1891bbdcd4f30efe1bf28f4facdfaa5519632223a8a59012a56
c95617c2f2400f1e1fd34714065d8d67cb07a9152bc4576a03376111104ec2d3
cb703c263d1a34eaef414e08ce6e0d8736b7380a244d9f4050e06d38faa70c1f
cedd7e3ecef2cd050c2e053e3e60cfafbf904acdeba7925bc87f6f4dfcdf80f0
d463028ddf12b42ac722343c42b5c5b93c8578cc28933dc87e85813dbbc27c7e
d5c00d2fecba623d7af61252e500d55408b6c38049d6576bb238912544406755
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64a6eda4eef1a3873a1fed875ebfce9d202863f6a97ad3da716498aa38ffbf4
ecb0cd3fbab1a2b71d4da0ac45cc40cfd17611c283386a33fd5c933c24f664d3
ee5fbd11c7c60ad0f327dc0feefcca0aaad6fecbe953076c8a455133c47686ff
eeadb37f92da3fc82aaa7834bf9f38b1e656bad867c014287375bb09d729cb9c
f84cbc4003970cf4410a5f759b3f04ca535de9114f45a867669e05244998c630
fb70827d2642f5d077cdec125b934d00204a3a1e835acac5d90ba25b7ebea08c

www.expressodopovo.com.br Open in urlscan Pro 165.227.252.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

98 %HTTPS

83 %IPv6

13 Domains

18 Subdomains

17 IPs

3 Countries

3033 kBTransfer

4401 kBSize

2 Cookies

14 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.expressodopovo.com.br Open in urlscan Pro
165.227.252.94 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

98 %
HTTPS

83 %
IPv6

13
Domains

18
Subdomains

17
IPs

3
Countries

3033 kB
Transfer

4401 kB
Size

2
Cookies

102 HTTP transactions
0 data transactions