www.correiodopovo.com.br Open in urlscan Pro
194.126.175.195 Public Scan

URL: https://recordtv.r7.com/genesis
Title: GÊNESIS

URL: https://noticias.r7.com/saude/coronavirus
Title: CORONAVÍRUS

URL: https://noticias.r7.com/
Title: JR 24H

URL: https://noticias.r7.com/eleicoes-2020
Title: Eleições 2020

URL: https://noticias.r7.com/politica
Title: Política

URL: https://noticias.r7.com/economia
Title: Economia

URL: https://noticias.r7.com/economia/economize
Title: Economize

URL: https://noticias.r7.com/internacional/
Title: Internacional

URL: https://noticias.r7.com/resumo-r7
Title: Resumo R7

URL: https://noticias.r7.com/tecnologia-e-ciencia
Title: Tecnologia & Ciência

URL: https://noticias.r7.com/saude
Title: Saúde

URL: https://noticias.r7.com/agronegocios
Title: Agronegócio

URL: https://noticias.r7.com/educacao
Title: Educação

URL: https://noticias.r7.com/educacao/r7-ensina
Title: R7 Ensina

URL: https://noticias.r7.com/hora-7
Title: Hora 7

URL: https://noticias.r7.com/carros
Title: Carros

URL: https://noticias.r7.com/concursos
Title: Concursos

URL: https://www.tempoagora.com.br/
Title: Previsão do Tempo

URL: https://noticias.r7.com/cidades
Title: Cidades

URL: https://noticias.r7.com/brasil
Title: Brasil

URL: https://noticias.r7.com/sao-paulo
Title: São Paulo

URL: https://noticias.r7.com/distrito-federal
Title: Distrito Federal

URL: https://noticias.r7.com/rio-de-janeiro
Title: Rio de Janeiro

URL: https://noticias.r7.com/minas-gerais
Title: Minas Gerais

URL: https://noticias.r7.com/pernambuco
Title: Pernambuco

URL: https://entretenimento.r7.com/
Title: ENTRETENIMENTO

URL: https://entretenimento.r7.com/cinema-e-series
Title: Cinema e Séries

URL: https://www.estrelando.com.br/
Title: Estrelando

URL: https://entretenimento.r7.com/famosos-e-tv
Title: Famosos e TV

URL: https://entretenimento.r7.com/games
Title: Games

URL: https://entretenimento.r7.com/musica
Title: Música

URL: https://entretenimento.r7.com/musica/trilha-de-sexta-2
Title: Trilha de Sexta

URL: https://www.vagalume.com.br/
Title: Vagalume

URL: https://entretenimento.r7.com/viagens
Title: Viagens

URL: https://lifestyle.r7.com/
Title: LIFESTYLE

URL: https://lifestyle.r7.com/beleza
Title: Beleza

URL: https://lifestyle.r7.com/bem-estar
Title: Bem-Estar

URL: https://lifestyle.r7.com/bichos
Title: Bichos

URL: https://lifestyle.r7.com/casa-e-decoracao
Title: Casa e Decoração

URL: https://lifestyle.r7.com/comidas
Title: Comidas

URL: https://lifestyle.r7.com/dietas
Title: Dietas

URL: https://lifestyle.r7.com/filhos
Title: Filhos

URL: https://lifestyle.r7.com/moda
Title: Moda

URL: https://virtz.r7.com/
Title: Virtz

URL: https://virtz.r7.com/comece-2021-investindo
Title: Comece 2021 Investindo

URL: https://virtz.r7.com/podvirtz
Title: PodVirtz

URL: https://esportes.r7.com/
Title: ESPORTES

URL: https://esportes.r7.com/automobilismo/
Title: Automobilismo

URL: https://esportes.r7.com/e-sports
Title: e-Sports

URL: https://esportes.r7.com/esportes-olimpicos
Title: Esportes Olímpicos

URL: https://esportes.r7.com/fora-de-jogo
Title: Fora de Jogo

URL: https://esportes.r7.com/futebol
Title: Futebol

URL: https://esportes.r7.com/lance
Title: Lance

URL: https://esportes.r7.com/mais-esportes
Title: Mais Esportes

URL: https://prisma.r7.com/todos-os-blogs
Title: BLOGS

URL: https://noticias.r7.com/prisma/andre-azeredo
Title: André Azeredo

URL: https://noticias.r7.com/prisma/arquivo-vivo
Title: Arquivo Vivo

URL: https://noticias.r7.com/prisma/augusto-nunes
Title: Augusto Nunes

URL: https://noticias.r7.com/prisma/autos-carros
Title: Autos Carros

URL: https://noticias.r7.com/prisma/christina-lemos
Title: Christina Lemos

URL: https://noticias.r7.com/prisma/eduardo-olimpio
Title: Eduardo Olimpio

URL: https://noticias.r7.com/prisma/empreendendo-direito
Title: Empreendendo Direito

URL: https://noticias.r7.com/prisma/herodoto-barbeiro
Title: Heródoto Barbeiro

URL: https://noticias.r7.com/prisma/moto-seguranca-e-transito
Title: Moto, Segurança e Trânsito

URL: https://noticias.r7.com/prisma/nosso-mundo
Title: Nosso Mundo

URL: https://noticias.r7.com/prisma/o-conservador-tecnologico
Title: O Conservador Tecnológico

URL: https://noticias.r7.com/prisma/o-que-e-que-eu-faco-sophia
Title: O que é que eu faço, Sophia ?

URL: https://noticias.r7.com/prisma/r7-planalto
Title: R7 Planalto

URL: https://noticias.r7.com/prisma/refletindo-sobre-a-noticia-por-ana-carolina-cury
Title: Refletindo sobre a notícia

URL: https://noticias.r7.com/prisma/blog-do-nolasco
Title: Blog do Nolasco

URL: https://www.r7.com/tudo-do-r7/todos-os-blogs
Title: Todos os Blogs

URL: https://esportes.r7.com/prisma/cosme-rimoli
Title: Cosme Rímoli

URL: https://esportes.r7.com/prisma/lucas-pereira
Title: Lucas Pereira

URL: https://esportes.r7.com/prisma/silvio-lancellotti
Title: Sílvio Lancellotti

URL: https://esportes.r7.com/prisma/r7-so-esportes
Title: Só Esportes

URL: https://entretenimento.r7.com/prisma/apuracao-hq
Title: Apuração HQ

URL: https://entretenimento.r7.com/prisma/flavio-ricco
Title: Flavio Ricco

URL: https://entretenimento.r7.com/prisma/keila-jimenez
Title: Keila Jimenez

URL: https://entretenimento.r7.com/prisma/ligia-braslauskas-literatura
Title: Literatura

URL: https://entretenimento.r7.com/prisma/odair-braz-jr
Title: Odair Braz Jr.

URL: https://entretenimento.r7.com/prisma/ziriguidum
Title: Ziriguidum

URL: https://lifestyle.r7.com/prisma/e-de-comer
Title: É de Comer

URL: https://lifestyle.r7.com/prisma/gustavo-sarti
Title: Gustavo Sarti

URL: https://lifestyle.r7.com/prisma/mao-de-vaca-com-estilo
Title: Mão de Vaca com Estilo

URL: https://lifestyle.r7.com/prisma/procura-se-cachorro
Title: Procura-se Cachorro

URL: https://recordtv.r7.com/
Title: RECORD TV

URL: https://recordtv.r7.com/programacao/
Title: Programação

URL: https://recordtv.r7.com/a-noite-e-nossa
Title: A Noite É Nossa

URL: https://recordtv.r7.com/balanco-geral
Title: Balanço Geral

URL: https://recordtv.r7.com/balanco-geral-manha
Title: Balanço Geral Manhã

URL: https://recordtv.r7.com/camera-record
Title: Câmera Record

URL: https://recordtv.r7.com/cidade-alerta
Title: Cidade Alerta

URL: https://recordtv.r7.com/domingo-espetacular
Title: Domingo Espetacular

URL: https://recordtv.r7.com/escrava-mae
Title: Escrava Mãe

URL: https://recordtv.r7.com/esporte-fantastico
Title: Esporte Fantástico

URL: https://recordtv.r7.com/fala-brasil
Title: Fala Brasil

URL: https://recordtv.r7.com/hoje-em-dia
Title: Hoje em Dia

URL: https://recordtv.r7.com/hora-do-faro
Title: Hora do Faro

URL: https://recordtv.r7.com/record-europa
Title: RecordTV Europa

URL: https://recordtv.r7.com/recordtv-interior-sp
Title: RecordTV Interior SP

URL: https://noticias.r7.com/record-news
Title: Record News

URL: https://recordtv.r7.com/reporter-record-investigacao
Title: Repórter Record Investigação

URL: https://entretenimento.r7.com/love-school-escola-amor/
Title: The Love School - Escola do Amor

URL: https://recordtv.r7.com/topissima
Title: Topíssima

URL: https://recordtv.r7.com/troca-de-esposas
Title: Troca de Esposas

URL: http://recordtv.r7.com/tv-digital/
Title: TV Digital

URL: https://recordtv.r7.com/videos
Title: Vídeos

URL: https://www.playplus.com/
Title: PlayPlus

URL: https://podcasts.r7.com/
Title: Podcasts

URL: https://www.r7.com/cupons
Title: R7 Cupons

URL: https://estudio.r7.com/
Title: R7 Estúdio

URL: https://aclr.r7.com/
Title: ACLR

URL: https://videos.r7.com/
Title: Vídeos

URL: https://tv.r7.com/love-school-escola-amor
Title: Love School

URL: https://videos.r7.com/universal
Title: Universal

URL: https://mundorecord.com.br/
Title: Mundo Record

URL: https://www.r7.com/apps
Title: R7 Apps

URL: https://trilhassonoras.r7.com/
Title: R7 Trilhas Sonoras

URL: https://recordtv.r7.com/studio-ad
Title: Studio AD

URL: https://www.ressoar.org.br/
Title: Ressoar

URL: http://noticias.r7.com/acessibilidade/conheca-as-ferramentas-de-acessibilidade-disponiveis-no-r7com-20022017
Title: Acessibilidade

URL: http://leitor.correiodopovo.com.br/?tag=assinetopo
Title: Assine

URL: http://digital.correiodopovo.com.br/
Title: Entrar

URL: https://bellamais.correiodopovo.com.br/
Title: Bella Mais

URL: https://bellamais.correiodopovo.com.br/modabeleza
Title: Moda & Beleza

URL: https://bellamais.correiodopovo.com.br/estilo-de-vida
Title: Estilo de Vida

URL: https://bellamais.correiodopovo.com.br/relacionamentos
Title: Relacionamentos

URL: https://bellamais.correiodopovo.com.br/negociosefinancas
Title: Negócios & Finanças

URL: https://bellamais.correiodopovo.com.br/bemestar
Title: Bem-estar

URL: https://bellamais.correiodopovo.com.br/colunistas
Title: Colunistas

URL: https://portal.correiodopovo.com.br/Faleconosco/?FC=CONOSCO
Title: Trabalhe conosco

URL: https://portal.correiodopovo.com.br/politicadeprivacidade
Title: Política de Privacidade

URL: https://portal.correiodopovo.com.br/TermoeCondicoesdeUso
Title: Termos e condições de Uso

URL: https://portal.correiodopovo.com.br/faleconosco/?FC=ATENDIMENTO
Title: Atendimento ao assinante

URL: https://portal.correiodopovo.com.br/faleconosco/?FC=GERAL
Title: Fale com a Redação

URL: https://portal.correiodopovo.com.br/Publicidade/
Title: Soluções para seu negócio

URL: https://portal.correiodopovo.com.br/Publicidade/pdf/MidiaKit_CP_Digital_2019.pdf
Title: Mídia Kit

URL: https://portal.correiodopovo.com.br/Publicidade/img2/TABELA_COMERCIAL_CORREIO_DO_POVO.pdf
Title: Tabela Comercial

URL: https://digital.correiodopovo.com.br/
Title: Jornal Digital

URL: http://leitor.correiodopovo.com.br/
Title: Loja Correio do Povo

URL: https://portal.correiodopovo.com.br/Faleconosco/
Title: Atendimento ao assinante

URL: http://ejcj.cpovo.net/
Title: Portal Administrativo

URL: https://portal.correiodopovo.com.br/CPovo/SuporteTecnico/
Title: Provedor

URL: https://outlook.office.com/
Title: Webmail

URL: http://minhaconta.correiodopovo.com.br/
Title: Minha Conta

URL: https://guaiba.com.br/
Title: Rádio Guaíba

URL: https://www.recordtvrs.com.br/
Title: Tv Record RS

URL: https://www.r7.com/
Title: R7.com

URL: https://www.linkedin.com/company/correio-do-povo/

URL: https://www.instagram.com/correiodopovo/

URL: https://www.facebook.com/CorreioDoPovo/

URL: https://www.youtube.com/channel/UCphn4Z4L2dGNoh7jz_99EOA

URL: https://twitter.com/correio_dopovo

URL: https://www5.smartadserver.com/click?imgid=26348624&insid=9951217&pgid=541023&ckid=0&uii=382067357098119842&acd=1614588955338&opid=d829d1de-2f4f-420e-ac1a-103d6c6bf67d&opdt=1614588955&pubid=6&tmstp=6343376758&tgt=%24dt%3d1t&systgt=%24qc%3d1311284246%3b%24ql%3dHigh%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d173%3b%24wpc%3d182&envtype=0&imptype=0&pgDomain=https%3a%2f%2fwww.correiodopovo.com.br%2f&go=https%3a%2f%2frecordtv.r7.com%2fgenesis

URL: http://t1.tkzio.com/6effc310-59df-46c8-acd6-63e047ce8e58?site=correiodopovo&title=Berlin%3A+Kardiologen+sprachlos%3A+%22Kilo-Killer%22+Einlagesohlen+begeistern+Deutschland&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Ffdb08d4a383b40c8d2cda02ee393b4cc.jpg&campaign=DE_InSole_Q121_Desktop4&utm_content=2967572049&conversionname=InsolePurchase&click_id=GiA9M3-Y_rjkK54-AmsNIwM75yvyZa5u0fttPvDzK70ESCCL0UYogsn9leC456Ey&tblci=GiA9M3-Y_rjkK54-AmsNIwM75yvyZa5u0fttPvDzK70ESCCL0UYogsn9leC456Ey#tblciGiA9M3-Y_rjkK54-AmsNIwM75yvyZa5u0fttPvDzK70ESCCL0UYogsn9leC456Ey
Title: Verbraucherclub

URL: https://server.adform.net/C/?bn=42705015;gdpr=$%7Bgdpr%7D;gdpr_consent=$%7Bgdpr_consent_50%7D&tblci=GiA9M3-Y_rjkK54-AmsNIwM75yvyZa5u0fttPvDzK70ESCC8kFAo1P6pzOe29Mwq#tblciGiA9M3-Y_rjkK54-AmsNIwM75yvyZa5u0fttPvDzK70ESCC8kFAo1P6pzOe29Mwq
Title: Die Business-Cloud-Telefonanlage

URL: https://ad9.adfarm1.adition.com/redi?sid=4579353&kid=4134844&bid=12377851&gdpr=$%7BGDPR%7D&gdpr_consent=$%7BGDPR_CONSENT_39%7D&tblci=GiA9M3-Y_rjkK54-AmsNIwM75yvyZa5u0fttPvDzK70ESCCH51Eo1eTKweygo_2kAQ#tblciGiA9M3-Y_rjkK54-AmsNIwM75yvyZa5u0fttPvDzK70ESCCH51Eo1eTKweygo_2kAQ
Title: Risiko-Schutz der Nr.1**

URL: https://www.bett1.de/produkte/bodyguard-matratze?utm_source=taboola&utm_medium=cpc&utm_campaign=desktop&utm_content=bodyguard&utm_source=taboola&utm_medium=referral&tblci=GiA9M3-Y_rjkK54-AmsNIwM75yvyZa5u0fttPvDzK70ESCDNw1IooaWHibmYy8ZP#tblciGiA9M3-Y_rjkK54-AmsNIwM75yvyZa5u0fttPvDzK70ESCDNw1IooaWHibmYy8ZP
Title: bett1.de

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=correiodopovo&utm_medium=referral&utm_content=thumbnails-a:Mid%20Article%20Thumbnails:
Title: por taboola

URL: https://bellamais.correiodopovo.com.br/bemestar/exercicios/yoga-traz-benef%C3%ADcios-para-a-sa%C3%BAde-f%C3%ADsica-e-psicol%C3%B3gica-1.577479
Title:

URL: https://bellamais.correiodopovo.com.br/relacionamentos/filhos/miopia-infantil-excesso-de-telas-%C3%A9-fator-de-risco-1.577467
Title: Filhos

URL: https://bellamais.correiodopovo.com.br/colunistas/lauragluer/filtros-e-or%C3%A1culos-do-caf%C3%A9-1.577092
Title: Laura Gluer

URL: https://bellamais.correiodopovo.com.br/modabeleza/beleza/flacidez-p%C3%B3s-gesta%C3%A7%C3%A3o-tem-solu%C3%A7%C3%A3o-1.577083
Title: Beleza

URL: https://bellamais.correiodopovo.com.br/colunistas/patriciachiela/quanto-mais-complexo-o-ambiente-fica-mais-sofisticados-n%C3%B3s-temos-que-nos-tornar-1.576514
Title: empreendedorismo

URL: https://bellamais.correiodopovo.com.br/relacionamentos/amores/voc%C3%AA-est%C3%A1-vivendo-em-relacionamento-abusivo-1.576509
Title: Relacionamento

URL: https://bellamais.correiodopovo.com.br/modabeleza/beleza/cuide-se-sem-sair-de-casa-1.576011
Title:

URL: https://bellamais.correiodopovo.com.br/bemestar/menstrua%C3%A7%C3%A3o-sustent%C3%A1vel-conhe%C3%A7a-op%C3%A7%C3%B5es-aos-absorventes-tradicionais-1.575327
Title: Menstruação sustentável: conheça opções aos absorventes tradicionais

URL: https://bellamais.correiodopovo.com.br/colunistas/giselesilveiraberardi/dieta-cetog%C3%AAnica-perca-peso-e-reduza-medidas-1.575102
Title: Nutrição

URL: https://www.youtube.com/CorreiodoPovoPlay
Title: CP Play

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=correiodopovo&utm_medium=referral&utm_content=thumbnails-d:Right%20Rail%201x1%20Home%20Page:
Title: por taboola

URL: https://www.photovoltaik-angebotsvergleich.de/online-beratung.html?utm_source=taboola&utm_medium=dis_nat&utm_campaign=taboola_PV&utm_content=photovoltaik_angebotsvergleich&utm_term=allgemeinPV&utm_site=correiodopovo&tblci=GiA9M3-Y_rjkK54-AmsNIwM75yvyZa5u0fttPvDzK70ESCD4o08ogrvqq-Oc9-EG#tblciGiA9M3-Y_rjkK54-AmsNIwM75yvyZa5u0fttPvDzK70ESCD4o08ogrvqq-Oc9-EG
Title: photovoltaik-angebotsvergleich.de

URL: https://popup.taboola.com/en
Title: Ad

URL: http://anuncie.r7.com/
Title: Anuncie no R7

URL: http://recordtv.r7.com/trabalhe-conosco
Title: Trabalhe Conosco

URL: http://www.r7.com/institucional/comunicar-erro/
Title: Comunicar erro

URL: http://www.r7.com/institucional/fale-com-o-r7/
Title: Fale com o R7

URL: http://www.r7.com/institucional/mapa-do-site
Title: Mapa do Site

URL: http://www.r7.com/institucional/termos-e-condicoes-de-uso/index.html
Title: Termos e Condições de Uso

URL: http://www.r7.com/institucional/privacidade/
Title: Privacidade

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 119

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1614588950038&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1614588950038&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=&cs_ak_ss=1

Request Chain 255

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba865dd7-faed-4709-92c7-f124277e9717 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba865dd7-faed-4709-92c7-f124277e9717&tbid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&query=taboola_hm%3Dba865dd7-faed-4709-92c7-f124277e9717&isDirect=0

Request Chain 257

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0TW4SbcyKAg1&ev=1&orig=trc&pid=562107

Request Chain 259

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGp2Z3ptwDktjxo1dCkqqFI&google_cver=1

Request Chain 261

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196

Request Chain 262

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5d95f61b-60d4-41ea-aa41-9e6595a6d883

Request Chain 263

https://ce.lijit.com/merge?pid=42&3pid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 268

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e815cb96-9857-403c-9d0e-69aed0a8fed2

Request Chain 269

https://id5-sync.com/s/464/9.gif?puid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8tAZLUOoiqBs1sbBNCNHXCPSzueVAOAizqZU1g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8tAZLUOoiqBs1sbBNCNHXCPSzueVAOAizqZU1g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=d6f9024b-eacd-45a8-a7e7-9f726866ac43&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/5/3.gif?puid=e_87a8c9c2-3047-4a8c-afc5-2883111e9036&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEGmvv6NEraXF-rTB7MH3tsM&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGmvv6NEraXF-rTB7MH3tsM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEGmvv6NEraXF-rTB7MH3tsM%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=738048413311384278&opid=apx&ops=&utidl=tech:goo:CAESEGmvv6NEraXF-rTB7MH3tsM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A11437770076&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

Request Chain 270

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YJes34P0DVGWMsfAF6w8YA

Request Chain 273

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=188&user_id=bcZ1F2vaSl5SSq_JwuX_lln5QKs&user_group=1&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0702c811-683d-4e2a-af40-e7ca3783a7bf

Request Chain 274

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba865dd7-faed-4709-92c7-f124277e9717 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba865dd7-faed-4709-92c7-f124277e9717&tbid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&query=taboola_hm%3Dba865dd7-faed-4709-92c7-f124277e9717&isDirect=0

Request Chain 276

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=YsrTeA45D5tY&ev=1&orig=trc&pid=562107

Request Chain 278

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGp2Z3ptwDktjxo1dCkqqFI&google_cver=1

Request Chain 280

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196

Request Chain 281

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5d95f61b-60d4-41ea-aa41-9e6595a6d883

Request Chain 287

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e815cb96-9857-403c-9d0e-69aed0a8fed2

Request Chain 288

https://id5-sync.com/s/464/9.gif?puid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOw_dUwc29g6pzPK-iVWlFo0zw7VMc0ZcdNsy2_A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOw_dUwc29g6pzPK-iVWlFo0zw7VMc0ZcdNsy2_A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=d6f9024b-eacd-45a8-a7e7-9f726866ac43&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/464/441/5/3.gif?puid=e_71c933e3-982b-45b3-85b1-4a67705cbde1&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEGmvv6NEraXF-rTB7MH3tsM&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGmvv6NEraXF-rTB7MH3tsM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=738048413311384278&opid=apx&ops=&utidl=tech:goo:CAESEGmvv6NEraXF-rTB7MH3tsM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A11437770076&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

Request Chain 289

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=JzTvqu-qAHKGHH7wF6w8YA

Request Chain 292

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=188&user_id=JcSpynZbQ6RAMIXM2QN8h1n5QKs&user_group=1&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0702c811-683d-4e2a-af40-e7ca3783a7bf

Request Chain 317

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

Request Chain 395

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 469

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=ed907144-7a6b-11eb-8fe5-1e588e902506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=ed907109-7a6b-11eb-8fe5-1e588e902506&orig=video&us_privacy=1---

Request Chain 473

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=ed947c59-7a6b-11eb-a1b1-141922060d06 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=ed947c1a-7a6b-11eb-a1b1-141922060d06&orig=video&us_privacy=1---

Request Chain 491

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 492

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 588

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL-_34Kcfv12wRgRkcLMNuM&google_cver=1&google_push=AQvitUL0lU24L9ORlN_tSZaziWnnq-RXIiRuR8Uy9hcS9KlS-UklMZrr56jdJQzwjpnGNN8hiXmS44n6CwWYYSntJIpN3Oq1Bjo HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL-_34Kcfv12wRgRkcLMNuM&google_cver=1&google_push=AQvitUL0lU24L9ORlN_tSZaziWnnq-RXIiRuR8Uy9hcS9KlS-UklMZrr56jdJQzwjpnGNN8hiXmS44n6CwWYYSntJIpN3Oq1Bjo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cExBWWRSNDMxTGdFbGs1&google_gid=CAESEL-_34Kcfv12wRgRkcLMNuM&google_cver=1&google_push=AQvitUL0lU24L9ORlN_tSZaziWnnq-RXIiRuR8Uy9hcS9KlS-UklMZrr56jdJQzwjpnGNN8hiXmS44n6CwWYYSntJIpN3Oq1Bjo

Request Chain 589

https://um.simpli.fi/gp_match?google_gid=CAESEEWUcZCb8-QvEH2cay8zfWs&google_cver=1&google_push=AQvitULPaOnts7_I5Og58vzb2SqmFgnq_F39B4A3iEbBgWLw4uot46TfZc0DFEuw66DZrSEH-bSqsE-FFriseOOlzLxzpgrHXRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=79CFA672C7D647B9BEEE19D746264E27&google_push=AQvitULPaOnts7_I5Og58vzb2SqmFgnq_F39B4A3iEbBgWLw4uot46TfZc0DFEuw66DZrSEH-bSqsE-FFriseOOlzLxzpgrHXRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=79CFA672C7D647B9BEEE19D746264E27&google_push=AQvitULPaOnts7_I5Og58vzb2SqmFgnq_F39B4A3iEbBgWLw4uot46TfZc0DFEuw66DZrSEH-bSqsE-FFriseOOlzLxzpgrHXRg&google_tc=

Request Chain 590

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJq8ImZZmcgdTPtTHGz7wbM&google_cver=1&google_push=AQvitUIgeoWE84dM_uW78yYDR7hIldpvYkduZPjgmS_xri3DuVyxikJl75h2bJ5QaniQTUgcBLoA-XW8jWg5-GH_OQ7R0ofEKVk HTTP 302
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUIgeoWE84dM_uW78yYDR7hIldpvYkduZPjgmS_xri3DuVyxikJl75h2bJ5QaniQTUgcBLoA-XW8jWg5-GH_OQ7R0ofEKVk&google_sc&google_hm=EBAQEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUIgeoWE84dM_uW78yYDR7hIldpvYkduZPjgmS_xri3DuVyxikJl75h2bJ5QaniQTUgcBLoA-XW8jWg5-GH_OQ7R0ofEKVk&google_sc=&google_hm=EBAQEA&google_tc=

Request Chain 591

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEI7hu7NNB2G0a2-tgk7uqv0&google_cver=1&google_push=AQvitUILAVB5wYoAZGLI6lrB0OnwGV4q1n5nzXlW_CtJmxxs8tEw2spUdVPfC80StozbECtg_Wf9niLSaJwCH3Tfme7U_lT1Yg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUILAVB5wYoAZGLI6lrB0OnwGV4q1n5nzXlW_CtJmxxs8tEw2spUdVPfC80StozbECtg_Wf9niLSaJwCH3Tfme7U_lT1Yg&google_hm=Ud9-I2SJQYOMUyTxntYMVKs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUILAVB5wYoAZGLI6lrB0OnwGV4q1n5nzXlW_CtJmxxs8tEw2spUdVPfC80StozbECtg_Wf9niLSaJwCH3Tfme7U_lT1Yg&google_hm=Ud9-I2SJQYOMUyTxntYMVKs&google_tc=

Request Chain 592

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEK0vaAYXnC0YhIAODUKFzxk&google_cver=1&google_push=AQvitUJonzSLsBLhsgF_LH7n1nwi2V5vi8N1aRTKUkX7wVo0KhOeykFvTgERXFvX9QEzODaIh0ANx-JOuMaJ_SZEinOaYsx6Qqg HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEK0vaAYXnC0YhIAODUKFzxk&google_cver=1&google_push=AQvitUJonzSLsBLhsgF_LH7n1nwi2V5vi8N1aRTKUkX7wVo0KhOeykFvTgERXFvX9QEzODaIh0ANx-JOuMaJ_SZEinOaYsx6Qqg&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=7KQCL47qaxqK2_wYnfD9zw&google_push=AQvitUJonzSLsBLhsgF_LH7n1nwi2V5vi8N1aRTKUkX7wVo0KhOeykFvTgERXFvX9QEzODaIh0ANx-JOuMaJ_SZEinOaYsx6Qqg

Request Chain 593

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIKwc0MGFFwWh-voUyauBgU&google_cver=1&google_push=AQvitUK10kctuH4wcEIuTZbdtHt2GOrMIRF4MTB6sOUWldJNrDQLOruXWPVgDK0jPgqmLvQc9C0clETEIKbSw1zkXu7ysn5PFQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUK10kctuH4wcEIuTZbdtHt2GOrMIRF4MTB6sOUWldJNrDQLOruXWPVgDK0jPgqmLvQc9C0clETEIKbSw1zkXu7ysn5PFQ&google_hm=MjY1MTA2ODg0MjU1OTEwMzIyNA%3D%3D

Request Chain 659

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 660

https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&C=1

Request Chain 661

https://us-u.openx.net/w/1.0/cm?gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&gdpr=1&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=1&us_privacy=1---&orig=video&taboola_hm=6ee8f178-3c88-4903-bff2-46d007d528cf

Request Chain 666

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YDysGpz1bkgOz5cJ5HlPeQAABMMAAAIB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESECXwB_J7CSZt_EwgrNRZwEw&google_cver=1

Request Chain 667

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDysGpz1bkgOz5cJ5HlPeQAABMMAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YDysGpz1bkgOz5cJ5HlPeQAABMMAAAIB&dcc=t

Request Chain 668

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YDysGpz1bkgOz5cJ5HlPeQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENQGlIzcgeOP-ww827zM51s&google_cver=1

Request Chain 669

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YDysGpz1bkgOz5cJ5HlPeQAA%261219 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YDysGpz1bkgOz5cJ5HlPeQAA%261219

Request Chain 673

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 720

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEPvr-FRlDvdQwjQk8DYHbVo&google_cver=1&google_ula=862479430,0

728 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.correiodopovo.com.br/ 299 KB
48 KB 481ms
14ms Document
text/html 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: f74bed12df791012c5d235db3453d81282b2f4245b9accb1ffb90a7d03bc328f

Request headers

:method: GET
:authority: www.correiodopovo.com.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-type: text/html;charset=utf-8
content-length: 48629
vary: Accept-Encoding
server: nginx/1.12.2
cache-control: max-age=240
expires: Mon, 01 Mar 2021 08:59:49 GMT
x-cacheable: YES
x-cache-rule: YES with ttl: 60.000 /
content-encoding: gzip
age: 63
x-cache: HIT
v: 5
accept-ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
708 B 18ms
11ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

56920b478b40e28751d2d2eed3501d056342851fb8a527992ed64f7e268d26c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 08:55:49 GMT
server: ESF
date: Mon, 01 Mar 2021 08:55:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 08:55:49 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 21ms
13ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f40f0c2ce4a12421dee9c1a5aeec021a70b964015aa7bc947102eb714e57d2e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "798 / 669 of 1000 / last-modified: 1614381619"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19369
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 32ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2467a9fefa378b8d57d62d9108794bcd476de6ce2cc1ba42ea85200fd73960b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49420
x-xss-protection: 0
server: cafe
etag: 13386428730629145965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:49 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1320/ 32 KB
11 KB 105ms
41ms Script
application/javascript 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1320/smart.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9b6b53b4ba6dce572ee659e4f7fa023c239b2ae01b4f113b1e535492facba405

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 08:55:49 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=34
Content-Length: 11334
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK smart.prebid.js Show response
tagmanager.smartadserver.com/1320/71754/ 15 KB
4 KB 126ms
50ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 64872f9d07c6c4a91d9e1febf7e3908b8637c88e31e409786a34a616ff8a7d27

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 08:55:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Nov 2020 11:26:21 GMT
Server: Apache/2.4.25 (Debian)
ETag: "3a25-5b437a5cc34e7-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=578
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3506
Expires: Mon, 01 Mar 2021 09:05:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
629 B 31ms
22ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 08:51:25 GMT
server: ESF
date: Mon, 01 Mar 2021 08:55:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 08:55:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
972 B 31ms
23ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300italic,400italic,700italic,400,700,300

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd50b6a14b386d15dc4c9a46d9eb634b5d282d551d4d032c167ad4965f2f1a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 08:55:49 GMT
server: ESF
date: Mon, 01 Mar 2021 08:55:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 08:55:49 GMT

GET
H2 200 bootstrap.min.css
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/ 107 KB
18 KB 22ms
12ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
last-modified: Fri, 01 Mar 2019 17:19:18 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18137
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 belamais.css
www.correiodopovo.com.br/polopoly_fs/3.232526.1605032261!/ 27 KB
5 KB 22ms
13ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.232526.1605032261!/belamais.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: eca965f18f3bf501516fd5bdd7343363c6c8d002531d573a7461ad3281a27aa8

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.232526.1605032261!/belamais.css
last-modified: Tue, 10 Nov 2020 18:17:41 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4711
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/ 146 B
365 B 23ms
14ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 74f8bb668af45bc33e9009c79f96d20f72b101b6aa2e54367ca1d57fee38376a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.194.1594145527!/style.css
last-modified: Tue, 07 Jul 2020 18:12:08 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.302.1605032238!/ 865 B
659 B 24ms
16ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.302.1605032238!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 65b19a5808c1a1d2593655c2b3c39ea52db2d0daa2a7cb3fbad3c2f71bef370b

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.302.1605032238!/style.css
last-modified: Tue, 10 Nov 2020 18:17:18 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 387
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 comments.css
www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/ 310 B
471 B 25ms
17ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/comments.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: be3ec5f1725890958c7ef75833b5fcaf41aa692812557006dec25f664b77ce33

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.259.1551461019!/comments.css
last-modified: Fri, 01 Mar 2019 17:23:40 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 197
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 video-js.css
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 13 KB
3 KB 25ms
17ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video-js.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: a51d30b532fd6d11b67754b83e3af505df5fdc961fbbbe801afaa86e93841bab

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video-js.css
last-modified: Fri, 01 Mar 2019 17:23:33 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 video.css
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 561 B
611 B 26ms
17ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 9639244213f83b30ccdc150e7b592be27b96d2d5eb06ce4753ad449ee4845a2c

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video.css
last-modified: Fri, 01 Mar 2019 17:23:33 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 339
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.237.1605032214!/ 2 KB
739 B 26ms
18ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.237.1605032214!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: c9996338cf56895fe00f9ce9bd9733fbc484e636442a6c6917ee959cad2bcf85

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.237.1605032214!/MainElement.css
last-modified: Tue, 10 Nov 2020 18:16:55 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 463
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.234.1605032212!/ 39 B
334 B 27ms
19ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.234.1605032212!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 3c550cc6106b84782b282835ee72face4e1d2e527a895493d5aa0a47359fe63b

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.234.1605032212!/MainElement.css
last-modified: Tue, 10 Nov 2020 18:16:52 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 59
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/ 38 B
314 B 27ms
19ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 492253d2d2da0bebbef019e63d904ddb0b096f5a037c781a7cfda22c2332f692

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1605032205!/MainElement.css
last-modified: Tue, 10 Nov 2020 18:16:49 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 tags.carousel.css
www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/css/ 5 KB
2 KB 117ms
109ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/css/tags.carousel.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 0cfd7a9f5b0e61c7667f3a157f90e0f4d7b8b0f8f4bee90d224899140030cda0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1605032205!/css/tags.carousel.css
last-modified: Tue, 10 Nov 2020 18:16:46 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1388
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 tags.theme.default.css
www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/css/ 1 KB
827 B 118ms
110ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/css/tags.theme.default.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: aaad17d860310d83cdb8c7cfc336143de3f08ea3c34ced5d880bd6c666247ebc

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1605032205!/css/tags.theme.default.css
last-modified: Tue, 10 Nov 2020 18:16:46 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 owl.carousel.css
www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/css/ 5 KB
1 KB 118ms
110ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/css/owl.carousel.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 8dd2b33486d15e920d6c71a134be819cb5559c83d45e0016e52f7c9f8dc718e1

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1605032205!/css/owl.carousel.css
last-modified: Tue, 10 Nov 2020 18:16:46 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 owl.theme.default.css
www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/css/ 3 KB
1 KB 118ms
111ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/css/owl.theme.default.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 4e369635987f4ee1f4bad20a4c30a6eeb4fc2afe3f185fa9f6a8ecb2c5131457

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1605032205!/css/owl.theme.default.css
last-modified: Tue, 10 Nov 2020 18:16:46 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 902
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 social-auth.css
www.correiodopovo.com.br/polopoly_fs/3.212.1605032174!/ 46 B
341 B 119ms
111ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.212.1605032174!/social-auth.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 2f18363fdebecf3ebd553e917a0048fd4644f33250cb98a12be9cf4597ea3919

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.212.1605032174!/social-auth.css
last-modified: Tue, 10 Nov 2020 18:16:14 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 66
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 bootstrap-social.css
www.correiodopovo.com.br/polopoly_fs/3.212.1605032174!/ 20 KB
3 KB 119ms
112ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.212.1605032174!/bootstrap-social.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 544fed9092e26545359b1586b76bcca554329ecfc5f204beaf06bfa4fa6fd2fa

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.212.1605032174!/bootstrap-social.css
last-modified: Tue, 10 Nov 2020 18:16:14 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2669
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 fotorama.css
www.correiodopovo.com.br/polopoly_fs/3.203.1605032168!/css/ 15 KB
3 KB 119ms
112ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.203.1605032168!/css/fotorama.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.203.1605032168!/css/fotorama.css
last-modified: Tue, 10 Nov 2020 18:16:08 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 fotorama-custom.css
www.correiodopovo.com.br/polopoly_fs/3.203.1605032168!/css/ 738 B
583 B 120ms
113ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.203.1605032168!/css/fotorama-custom.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: a3226ebe4e39bc1ddcc45093d268ce2fb898cd9d27ed7e75100a97602229169a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.203.1605032168!/css/fotorama-custom.css
last-modified: Tue, 10 Nov 2020 18:16:08 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 302
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 SearchElement.css
www.correiodopovo.com.br/polopoly_fs/3.200.1605032166!/ 1 KB
746 B 120ms
113ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.200.1605032166!/SearchElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 2f42b3a57c656fe308f398180a400f6b7f687e8396b9e1adabd83e67e7143968

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.200.1605032166!/SearchElement.css
last-modified: Tue, 10 Nov 2020 18:16:06 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.197.1605032162!/ 909 B
626 B 120ms
114ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.197.1605032162!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 3923e7c182008b2e667b295342b146adace165e25a8993e73e8688288968ac1f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.197.1605032162!/style.css
last-modified: Tue, 10 Nov 2020 18:16:03 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.184.1605032153!/ 110 B
384 B 121ms
114ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.184.1605032153!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 62e8401c97fb76307bac29e33631c8775c9b9e15d7506ca0bda87fff66452420

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.184.1605032153!/style.css
last-modified: Tue, 10 Nov 2020 18:15:54 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 111
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.178.1605032146!/ 857 B
550 B 121ms
115ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.178.1605032146!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: c65dc23c9b6d7bdf0633746c5c48ab5fab0074c5087cfb6f2a814a426fd62273

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.178.1605032146!/MainElement.css
last-modified: Tue, 10 Nov 2020 18:15:47 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 273
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.175.1605032144!/ 456 B
492 B 121ms
115ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.175.1605032144!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: fb66d50466654410ed1aba9e24bb40f3e64594968136cfc472c1afd1eb180dba

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.175.1605032144!/MainElement.css
last-modified: Tue, 10 Nov 2020 18:15:44 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 font-awesome.min.css
www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontawesome/css/ 20 KB
5 KB 121ms
115ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontawesome/css/font-awesome.min.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1605032131!/fontawesome/css/font-awesome.min.css
last-modified: Tue, 10 Nov 2020 18:15:31 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 fontscorreio.css
www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/ 398 B
421 B 122ms
116ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/fontscorreio.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 57214cdcf15665a435ed82c94b38f24c078b11949eb3a706ad8ae67a3318be5a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1605032131!/fontscorreio/css/fontscorreio.css
last-modified: Tue, 10 Nov 2020 18:15:33 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 133
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 fontsbelamais.css
www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontsbelamais/css/ 244 B
409 B 122ms
116ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontsbelamais/css/fontsbelamais.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 38c8cf532fa433d258c72dc8b5df1c1497720980a953c1072ec8538006fe79df

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1605032131!/fontsbelamais/css/fontsbelamais.css
last-modified: Tue, 10 Nov 2020 18:15:34 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 stylenovo.css
www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/ 46 KB
9 KB 122ms
117ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/stylenovo.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 8de1758d33f2f42d6812a8c146fd5c785b12e4d071ecab06b9b05848072bb850

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1605032131!/stylenovo.css
last-modified: Tue, 10 Nov 2020 18:15:35 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.153.1605032123!/ 140 B
395 B 122ms
117ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.153.1605032123!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: e0a652a1bd36b70149fa3c6fdb4bd8641593273e261f2c43ae5e5309fa98bd56

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.153.1605032123!/style.css
last-modified: Tue, 10 Nov 2020 18:15:23 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 123
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.150.1605032120!/ 470 B
537 B 123ms
117ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.150.1605032120!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 923c7bc114115535d3859aa2a1ab45e35c6a674d7b221d6cb3b3520f6550d053

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.150.1605032120!/MainElement.css
last-modified: Tue, 10 Nov 2020 18:15:21 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 261
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 autotrack.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.137.1605032114!/ 25 KB
7 KB 124ms
119ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.137.1605032114!/autotrack.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: deaa8c25f96a0b2b3f348a5f55da84b402621e4a4be31baeb56ba3de133c99d6

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.137.1605032114!/autotrack.min.js
last-modified: Tue, 10 Nov 2020 18:15:16 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7269
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 jquery.cookie.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.137.1605032114!/ 1 KB
1 KB 127ms
122ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.137.1605032114!/jquery.cookie.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.137.1605032114!/jquery.cookie.min.js
last-modified: Tue, 10 Nov 2020 18:15:16 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/ 94 KB
33 KB 128ms
122ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
last-modified: Fri, 01 Mar 2019 17:19:16 GMT
server: nginx/1.12.2
age: 3
vary: User-Agent
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33417
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

6ms
6ms

Script
text/javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81e5:face:b00c:0:4420 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:47 GMT
x-fb-trip-id: 1679558926
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-length: 4824

Redirect headers

location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
date: Mon, 01 Mar 2021 08:55:49 GMT
x-fb-trip-id: 1679558926
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
content-type: text/html; charset=utf-8

GET
H2 200 eleicao3-o-7.22099
www.correiodopovo.com.br/cmlink/ 7 KB
2 KB 122ms
118ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/eleicao3-o-7.22099
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 198254a97cf791e435e959950519cc27ed050f41612a79d5aa2a57b8d4eadb64

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /cmlink/eleicao3-o-7.22099
last-modified: Fri, 13 Nov 2020 12:20:54 GMT
server: nginx/1.12.2
age: 29
x-cacheable: YES
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=240
accept-ranges: bytes
content-length: 1660
expires: Mon, 01 Mar 2021 08:59:49 GMT

GET
H2 200 grid-n-7.21805
www.correiodopovo.com.br/cmlink/ 53 KB
8 KB 123ms
118ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/grid-n-7.21805
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 39977b4dccd621388880d178dd32d28d8340d0cb8bd8a5bd4aff9d22fc982a0f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /cmlink/grid-n-7.21805
last-modified: Tue, 08 Dec 2020 11:08:53 GMT
server: nginx/1.12.2
age: 29
x-cacheable: YES
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=240
accept-ranges: bytes
content-length: 8093
expires: Mon, 01 Mar 2021 08:59:49 GMT

GET
H2 200 cssbellamais-7.21806
www.correiodopovo.com.br/cmlink/ 748 B
582 B 123ms
119ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/cssbellamais-7.21806
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 441e54b1dba4df6b3fc07406d82f1e6069bb799c4c42f7296bf1830717c1aae7

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /cmlink/cssbellamais-7.21806
last-modified: Wed, 30 Sep 2020 20:24:59 GMT
server: nginx/1.12.2
age: 30
x-cacheable: YES
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=240
accept-ranges: bytes
content-length: 285
expires: Mon, 01 Mar 2021 08:59:49 GMT

GET
H2 200 com.atex.gong.paywall.membership.js Show response
www.correiodopovo.com.br/js/ 7 KB
2 KB 128ms
123ms Script
application/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/js/com.atex.gong.paywall.membership.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 86400.000 /js/com.atex.gong.paywall.membership.js
last-modified: Thu, 04 Oct 2018 03:33:34 GMT
server: nginx/1.12.2
age: 2
x-cache: HIT
content-type: application/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2011
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 ws-GTAYHGT2.js Show response
wfpscripts.webspectator.com/bootstrap/ 1 KB
934 B 326ms
99ms Script
application/x-javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fbd1edd661c3eeeae3650b9b6511e253dfe96ea8b4d016407025d439d40def1a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
last-modified: Tue, 03 Dec 2019 16:04:01 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"b0dccc480294ce8e2bfa6b534879b285"
x-cache-status: HIT
content-type: application/x-javascript
cache-control: max-age=31536000

GET
H2 200 denakop.js Show response
v3.denakop.com/ 49 KB
15 KB 55ms
14ms Script
application/javascript 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/denakop.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afb1dc0a7568dab1b38f30875adc12c34035d27756f1aaee307ffcefd5df5eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1301
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088e994d4b00002bf656b3c000000001
last-modified: Fri, 26 Feb 2021 19:17:23 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60394943-c47f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 62912b2879182bf6-FRA
cf-bgj: minify

GET
H/1.1 200
OK barra.js Show response
barra.r7.com/ 12 KB
3 KB 96ms
20ms Script
application/javascript 2.18.232.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://barra.r7.com/barra.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-111.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5884300930346ea90c243aeb7977e54ec4349a0e0ae8c3cb3494a9fec8d76869

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 08:55:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: !no-store, must-revalidate, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3175

GET
H2 200 Correio_do_Povo_branco.png
portal.correiodopovo.com.br/imagens/ 4 KB
4 KB 994ms
470ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/Correio_do_Povo_branco.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2709dcd48925c938d98757dd3cbc7708d9f49eb46212174d7954a68ff66390e2

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
last-modified: Mon, 15 Jul 2019 19:56:33 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "e0743667473bd51:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3706

GET
H2 200 Correio_do_Povo.png
portal.correiodopovo.com.br/imagens/ 15 KB
15 KB 766ms
242ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/Correio_do_Povo.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f4a852bdf0dfa921e7144308a4c48b1aed1695389eb76bdd71d4a48799441052

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
last-modified: Mon, 15 Jul 2019 19:56:33 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "e99a3667473bd51:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 15396

GET
H2 200 linkedin.png
portal.correiodopovo.com.br/imagens/social/ 347 B
427 B 769ms
246ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/linkedin.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 29fc8c47a94d2164aa2cbedd171d0975dc9d2ba60921e36eb580467f0a68af13

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
last-modified: Fri, 28 Aug 2020 14:48:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "282b6474a7dd61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 347

GET
H2 200 instagram.png
portal.correiodopovo.com.br/imagens/social/ 676 B
757 B 769ms
245ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/instagram.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fe55f6306326e8e0ae4495684d8d742eeb3565d40bc0c9d95e0c6f557a65e64c

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
last-modified: Fri, 28 Aug 2020 14:48:33 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "a8a1ae4d4a7dd61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 676

GET
H2 200 facebook.png
portal.correiodopovo.com.br/imagens/social/ 295 B
376 B 769ms
246ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/facebook.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3e4cf41484e16a8e99ea65620ecac036df5d23dc0b60adfa7ced3f7793f26f72

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
last-modified: Fri, 28 Aug 2020 14:48:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "dfbde25b4a7dd61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 295

GET
H2 200 youtube.png
portal.correiodopovo.com.br/imagens/social/ 382 B
463 B 767ms
245ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/youtube.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8cba0effb5b2fe3741e8a4c0e81f3eec76b8d864e39d05b3c3182dcb427ce308

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
last-modified: Fri, 28 Aug 2020 14:49:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "e2d595674a7dd61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 382

GET
H2 200 twitter.png
portal.correiodopovo.com.br/imagens/social/ 484 B
648 B 678ms
238ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/twitter.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 401c305a433d8f0ec7bcad2bf9acd9637e04aa91fe02d5c6ee4ffefafc8fd206

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
last-modified: Fri, 28 Aug 2020 14:49:09 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "e73b13634a7dd61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 484

GET
H2 200 hiltor.png
www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/ 5 KB
5 KB 27ms
21ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.6&w=120&$p$f$q$w=3ce26f5
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 9c9ac6a6240e80e9c27305fbf104935e6276c8cad2ef9081377735cfea02ae47

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 24267
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4874
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 pitlane.png
www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/ 4 KB
4 KB 27ms
21ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.6&w=120&$p$f$q$w=e0931c8
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 6c3baac1987f8ea44ed14204bedd2a588a8480e33a1162df639433fa32c3ec43

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 20789
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4136
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 bella_preto.png
portal.correiodopovo.com.br/imagens/ 40 KB
40 KB 409ms
408ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/bella_preto.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 406fc2ecaa46e7c318d304cadec8b18681d750884c0e1ea0e42f9fcd4f37932a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
last-modified: Mon, 28 Sep 2020 22:24:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0c02610e695d61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 40820

GET
H2 200 platform.js Show response
apis.google.com/js/ 49 KB
19 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4bb92c67b29e30733781f22f6339360707bbbb6319672825d6b6e0684fa3a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RNFBRQH4j1F7mteqS7zG9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "3641adac83d1f8afc319b089eeb0322c"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-RNFBRQH4j1F7mteqS7zG9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:49 GMT

GET
H2 200 image.JPG
www.correiodopovo.com.br/image/policy:1.578339:1614567889/ 5 KB
5 KB 27ms
21ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.578339:1614567889/image.JPG?a=2%3A1&q=0.6&w=360&$p$a$q$w=3c22c7e
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: a001da2a7c13b931facb0ff8cdae7fa80dde8990996e02842fae4ceffff0ab1a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 5281
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4908
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 image.JPG
www.correiodopovo.com.br/image/policy:1.578332:1614566526/ 14 KB
14 KB 27ms
22ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.578332:1614566526/image.JPG?a=2%3A1&q=0.6&w=360&$p$a$q$w=3c22c7e
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: eed24f47c7f633361f0968a3b0035b33c0570f6efad99b4c4ee70c5f65e1ef78

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 11555
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 14104
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 image.JPG
www.correiodopovo.com.br/image/policy:1.578330:1614565737/ 21 KB
21 KB 28ms
23ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.578330:1614565737/image.JPG?a=2%3A1&q=0.6&w=360&$p$a$q$w=3c22c7e
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 9d2c3f0ff7205050440f5662e632d45abce529ee7dac01c1367420dd90d2c35e

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 16436
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 21804
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 image.JPG
www.correiodopovo.com.br/image/policy:1.578325:1614564973/ 22 KB
22 KB 29ms
24ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.578325:1614564973/image.JPG?a=2%3A1&q=0.6&w=360&$p$a$q$w=3c22c7e
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 8bfca5f5e4d214764c12adf7034c3da44e3ffb7eb3a9afe16cd19e72a33e69e3

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 15652
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 22110
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 image.jpeg
www.correiodopovo.com.br/image/policy:1.578319:1614562893/ 10 KB
11 KB 32ms
27ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.578319:1614562893/image.jpeg?a=2%3A1&q=0.6&w=360&$p$a$q$w=ef7ceb5
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 528032d54ca150a8ef4a0c90ea9dfdd6a6390a78e3090f5374a553a19cc8e2d8

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 9090
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 10704
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 image.jpeg
www.correiodopovo.com.br/image/policy:1.578333:1614566590/ 6 KB
7 KB 33ms
28ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.578333:1614566590/image.jpeg?a=2%3A1&q=0.6&w=360&$p$a$q$w=ef7ceb5
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 8b4d47d20371075aa3b56d24382c34d0f564612c95ff2a475af64e5c7779d843

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 6576
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 6548
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 Correiodopovo_horizontal.png
portal.correiodopovo.com.br/imagens/ 34 KB
34 KB 653ms
652ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/Correiodopovo_horizontal.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 607a6a5706bbca51e1eb64a7d83783362e92d1ffcd2e91116e778d2d7fe6424b

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
last-modified: Mon, 21 Sep 2020 16:18:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0b593d53290d61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 35024

GET
H2 200 bootstrap.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/js/ 31 KB
9 KB 15ms
15ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
last-modified: Fri, 01 Mar 2019 17:19:18 GMT
server: nginx/1.12.2
age: 1
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8536
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 Imager.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.159.1605032129!/ 6 KB
2 KB 17ms
16ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.159.1605032129!/Imager.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: cb8645e0bd04e1ff25faa1c0e956ad2f12f35d752d55ba2ae97cee37d37e2836

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.159.1605032129!/Imager.min.js
last-modified: Tue, 10 Nov 2020 18:15:29 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 jquery.cookie.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.191.1605032159!/ 1 KB
1 KB 15ms
15ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.191.1605032159!/jquery.cookie.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.191.1605032159!/jquery.cookie.min.js
last-modified: Tue, 10 Nov 2020 18:15:59 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 users.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.191.1605032159!/ 810 B
663 B 14ms
14ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.191.1605032159!/users.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 2b87ad2e3dbfb1efc89a89bc0da9f724824d1612ae8db8bf7e47dd337fdc7151

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.191.1605032159!/users.min.js
last-modified: Tue, 10 Nov 2020 18:15:59 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 persona.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/ 441 B
561 B 14ms
14ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/persona.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 4f90beb9c5ce266d97c88013d263ba85320e90d5fc6f3ab016d42aafd330d70e

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.194.1594145527!/persona.min.js
last-modified: Tue, 07 Jul 2020 18:12:08 GMT
server: nginx/1.12.2
age: 1
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 280
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 poll.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.302.1605032238!/ 1 KB
856 B 23ms
22ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.302.1605032238!/poll.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: d97edfe6552e3143d0007b5e8103f3b39a3dd32898a97c20cb7337978feaf83f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.302.1605032238!/poll.min.js
last-modified: Tue, 10 Nov 2020 18:17:18 GMT
server: nginx/1.12.2
age: 4
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 577
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 autosize.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/ 2 KB
1 KB 13ms
13ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/autosize.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 78ac6beb4da15e1e9f06a07eeb39f8f7ea755cd4c3e5958fddb4aa14fc72e123

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.259.1551461019!/autosize.min.js
last-modified: Fri, 01 Mar 2019 17:23:39 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 video.js Show response
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 66 KB
20 KB 25ms
15ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: db4243fcb42af79e27f42ebeb09f99e3ef5b4e0ea12f99cbd10d29e28e6966fd

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video.js
last-modified: Fri, 01 Mar 2019 17:23:32 GMT
server: nginx/1.12.2
age: 1
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 20089
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 tags.carousel.js Show response
www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/js/ 46 KB
11 KB 25ms
16ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/js/tags.carousel.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 5f86eaa44bebd90324fd49d796ef010ec39f6af364018066d4e2ace0bab956fe

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1605032205!/js/tags.carousel.js
last-modified: Tue, 10 Nov 2020 18:16:46 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 tags.navigation.js Show response
www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/js/ 11 KB
3 KB 26ms
16ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/js/tags.navigation.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 6bb3c7d3cd8b6ae6301a23cafa2167ed0fe548f5dc0826af8643c16844333c2e

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1605032205!/js/tags.navigation.js
last-modified: Tue, 10 Nov 2020 18:16:47 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 owl.carousel.js Show response
www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/js/ 32 KB
7 KB 26ms
17ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1605032205!/js/owl.carousel.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: c8be74ac4dc355f0a46acec8e7ab86091eca59c2eaac5d21a0b403bd6241291e

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1605032205!/js/owl.carousel.js
last-modified: Tue, 10 Nov 2020 18:16:46 GMT
server: nginx/1.12.2
age: 1
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7137
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 social-auth.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.212.1605032174!/ 490 B
566 B 26ms
15ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.212.1605032174!/social-auth.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 1b084d429d350edc68e28a4b0f291b97bfcc1a8ae416b5c16cf8b0d11e1e59fd

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.212.1605032174!/social-auth.min.js
last-modified: Tue, 10 Nov 2020 18:16:14 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 fotorama.js Show response
www.correiodopovo.com.br/polopoly_fs/3.203.1605032168!/js/ 38 KB
16 KB 27ms
16ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.203.1605032168!/js/fotorama.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.203.1605032168!/js/fotorama.js
last-modified: Tue, 10 Nov 2020 18:16:08 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 namespace.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.200.1605032166!/ 220 B
460 B 27ms
17ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.200.1605032166!/namespace.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: e9a50c3fbd67964dcbfc166909d19e96f25f32c40ad50d656899f2aa381973b0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.200.1605032166!/namespace.min.js
last-modified: Tue, 10 Nov 2020 18:16:06 GMT
server: nginx/1.12.2
age: 1
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 178
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 SearchElement.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.200.1605032166!/ 549 B
582 B 27ms
17ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.200.1605032166!/SearchElement.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: be735dbbce112db814813ebefa31710c76e242cce684d3daf6a9598bcac039f7

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.200.1605032166!/SearchElement.min.js
last-modified: Tue, 10 Nov 2020 18:16:06 GMT
server: nginx/1.12.2
age: 1
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 297
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 personalization.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.197.1605032162!/ 887 B
792 B 28ms
18ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.197.1605032162!/personalization.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: a752ad4a6219ea21dec555f682ff9e49ed22c8c4c4e2d992312b13c8cebcec31

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.197.1605032162!/personalization.min.js
last-modified: Tue, 10 Nov 2020 18:16:03 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 infiniteScroll.js Show response
www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/js/ 2 KB
1 KB 28ms
18ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/js/infiniteScroll.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 59758d6213ae16ffc0498f7ec1747b84047dd0cc9ff2c1da7aeb66b47f9bda5c

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1605032131!/js/infiniteScroll.js
last-modified: Tue, 10 Nov 2020 18:15:32 GMT
server: nginx/1.12.2
age: 1
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 875
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 funcoes.js Show response
www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/js/ 8 KB
3 KB 28ms
19ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/js/funcoes.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: c740d8dd4494a96507134e544fb09e2d7e7812ded83f4978c7e5878188414647

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1605032131!/js/funcoes.js
last-modified: Tue, 10 Nov 2020 18:15:32 GMT
server: nginx/1.12.2
age: 1
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2358
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 plugin.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.153.1605032123!/ 192 B
431 B 29ms
20ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.153.1605032123!/plugin.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 98344eec8842ef328890a29cd19a5d3b308eb9db3906b47e8146e5231d4a2eb0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.153.1605032123!/plugin.min.js
last-modified: Tue, 10 Nov 2020 18:15:23 GMT
server: nginx/1.12.2
age: 1
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 151
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H/1.1 200
OK footer-portal.js Show response
barra.r7.com/footer/footer-portal/ 8 KB
3 KB 20ms
18ms Script
application/javascript 2.18.232.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://barra.r7.com/footer/footer-portal/footer-portal.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.111 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-111.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39b331f74103302af84d92f4271ec11d0e175201e791bf78a0c286b14ce1784f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 08:55:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: !no-store, must-revalidate, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2837

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 82 KB
32 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15b0c9b77c9cbab52722ca7cb3973aa2c52f2f881a6e968f69faff3f5f0a0938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32788
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Mar 2021 08:55:49 GMT

GET
H2 200 all.min.js Show response
plugins.soclminer.com.br/v3/sdk/ 128 KB
32 KB 47ms
22ms Script
application/javascript 2606:4700:20::681a:d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a26fb3de1741fce597e3e35ae3483810c007ee3e4ca4934724b2bba3fe2acec5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 39927
x-amz-request-id: 2B465023D57ACD8C
x-amz-id-2: 4TbO5Tbct3Iim4hKHH56O/Liru8GZFtxw3rzpuhhNLlzBszcLJRJj/yv3LFzTbVqCHkpffsKhc4=
last-modified: Tue, 02 Feb 2021 18:06:27 GMT
server: cloudflare
etag: W/"d110710e3c223e29f8a81caeebef54a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mB339GSg0HRbobpgjXjB3y8a3IyRHDgoMxdQCdDQSgAwgiyTu%2FYcipL6TdtlNG5zo8A5cUebAIvzClLWPKTRYgizZH3EfwIE46jyillhk2eg8AfAUAfVqpTubEn5iWSxPtCmmh0%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-request-id: 088e994d7b00002b590a8ed000000001
cf-ray: 62912b28c96b2b59-FRA

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 8 KB
3 KB 29ms
11ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c23533b2dcb73c3435e60d435042b1ef7076f4ddce6af81b596c26e66e814e1

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3029
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cf-request-id: 088e994d8400004ab6be073000000001
last-modified: Tue, 05 Feb 2019 21:24:03 GMT
server: cloudflare
etag: W/"5c59fef3-1f1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 62912b28dcab4ab6-FRA
expires: Mon, 01 Mar 2021 09:05:20 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: sXpjUS8/4NCfxhIGy9aiH5T2aR55UA51/9TqkBqm+LpMzbQ8OhKJ1VhNxyfgiSj2JGu1Ev+k5654gQooXk2I4g==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 01 Mar 2021 08:55:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2021022501.js Show response
securepubads.g.doubleclick.net/gpt/ 287 KB
101 KB 23ms
19ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 09:38:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103137
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:49 GMT

GET
H/1.1 200
OK init Show response
webservices.webspectator.com/ 3 KB
2 KB 418ms
103ms Script
application/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/init?appId=GTAYHGT2&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1614588949788
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 53c85cb3bc85565b91c9c98f5108db7a220fc328d5e21c49cd71eeb4dc02cb14

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:50 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 29ms
10ms Script
application/x-javascript 184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 08:55:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 02 Mar 2021 08:55:49 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 17ms
8ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
etag: "/D8P7qgiWm3WmfjhiS2eTg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 08 Mar 2021 08:55:49 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/correiodopovo/ 318 KB
30 KB 27ms
9ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78e14d9cfe974c744f25bef4e14bf81706109e3d70cc13290fa79d2e6089fcc7

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: kZ6tspbHfkr3r9dGiTEIkwmiqW7vt_vx
content-encoding: gzip
etag: "fe117cbb14e56d5cfb38e1f68a9db2d9"
age: 2128
x-cache: HIT
content-length: 30184
x-amz-id-2: pWgu4iIq3ttzPJCQ5LpsUtIazppPhfWRLnppxeQQsxYUr4HhWY8SbqN+8SKLKJQ8z3Bx2yWqKMg=
x-served-by: cache-hhn11570-HHN
last-modified: Mon, 01 Mar 2021 08:19:26 GMT
server: AmazonS3
x-timer: S1614588950.900761,VS0,VE1
date: Mon, 01 Mar 2021 08:55:49 GMT
vary: Accept-Encoding
x-amz-request-id: 0B4021D93D80A39C
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 48
x-cache-hits: 1

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/correiodopovo/ 54 KB
16 KB 51ms
16ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/correiodopovo/newsroom.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dace3c80f41ab245b0c1ed8ee192cfda1cc764a4a15e83c28bdbae529b1d1ee3

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "6d0a3d0a56a0d3318f9c30ce3d5680fb"
age: 92
x-cache: HIT
content-length: 16138
x-amz-id-2: eBcI+tP8siR7yGdrEDoCgkNRr4g9lRbZQ7KjLSDiq95MXicPkZBPhH72pRHbBu/8qx/gfY0ogiM=
x-served-by: cache-fra19166-FRA
last-modified: Fri, 04 Sep 2020 23:39:48 GMT
server: AmazonS3
x-timer: S1614588950.924485,VS0,VE1
date: Mon, 01 Mar 2021 08:55:49 GMT
vary: Accept-Encoding
x-amz-request-id: 4677D3DEE96FA39B
via: 1.1 varnish
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 ClanOT-Book.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/fonts/ 95 KB
44 KB 26ms
25ms Font
application/octet-stream 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/fonts/ClanOT-Book.otf
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/fontscorreio.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: c9ef226218315b5804f91c7ae1b34352194e14f1dac157c814325d179dbcc25d

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/fontscorreio.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1605032131!/fontscorreio/css/fonts/ClanOT-Book.otf
last-modified: Tue, 10 Nov 2020 18:15:33 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: application/octet-stream;charset=utf-8
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 08:37:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:51 GMT
server: sffe
age: 260298
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
expires: Sat, 26 Feb 2022 08:37:31 GMT

GET
H2 200 glyphicons-halflings-regular.woff
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/fonts/ 23 KB
23 KB 27ms
27ms Font
application/x-font-woff 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 7f98ff9434849daca0cadf865d4639a48d85a7ad473a30961680c7f285a885eb

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
last-modified: Fri, 01 Mar 2019 17:19:18 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: application/x-font-woff;charset=utf-8
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 ClanOT-News.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/fonts/ 95 KB
44 KB 24ms
24ms Font
application/octet-stream 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/fonts/ClanOT-News.otf
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/fontscorreio.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 9a877726a7ea75d3ff46da702d8e1efbf615f7af09763ac702b2fe96f3e6f998

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/fontscorreio.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1605032131!/fontscorreio/css/fonts/ClanOT-News.otf
last-modified: Tue, 10 Nov 2020 18:15:33 GMT
server: nginx/1.12.2
age: 0
x-cache: HIT
content-type: application/octet-stream;charset=utf-8
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 45198
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 hiltor.png
www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/ 22 KB
22 KB 18ms
13ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.9&w=360&$p$f$q$w=4b00dcf
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: ee02e8a1152b104e2b5eeba69154b873ad70a9422be49e4e4909ab016c9257df

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 189676
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 22188
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 taline.png
www.correiodopovo.com.br/image/policy:1.490134:1601522966/image/ 18 KB
18 KB 18ms
14ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490134:1601522966/image/taline.png?f=1x1&q=0.9&w=360&$p$f$q$w=4c53641
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 49582fd71fd13d10cd0d8071d8ddbf9abc5f5292e5f2bf83ff4028cd99dc16ea

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 190658
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 18710
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 juremir.png
www.correiodopovo.com.br/image/policy:1.490137:1601522967/image/ 18 KB
18 KB 19ms
15ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490137:1601522967/image/juremir.png?f=1x1&q=0.9&w=360&$p$f$q$w=f0c0c40
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: e67c7005f97f0b57b13f0725ab31c7b0c27aff3753701b6e8fd7631e163e5209

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 176728
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 18528
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 conill.png
www.correiodopovo.com.br/image/policy:1.490143:1601522968/image/ 15 KB
15 KB 19ms
15ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490143:1601522968/image/conill.png?f=1x1&q=0.9&w=360&$p$f$q$w=5265847
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: d3674fcd1c65192a32ebf67cc37b9aa3dbd5a83b1f67b590c7e2d08d30eae1d4

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 141166
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 15134
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 gonzaga.png
www.correiodopovo.com.br/image/policy:1.490141:1601522968/image/ 21 KB
21 KB 19ms
16ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490141:1601522968/image/gonzaga.png?f=1x1&q=0.9&w=360&$p$f$q$w=f2519d3
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: e1525da0eb146a3c688ebfdb6c6e70e0488f8e39fbc4c61a7fbd62c906dd0747

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 194247
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 21096
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 jurandir.png
www.correiodopovo.com.br/image/policy:1.490138:1601522967/image/ 21 KB
22 KB 21ms
17ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490138:1601522967/image/jurandir.png?f=1x1&q=0.9&w=360&$p$f$q$w=44f0cae
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 06312eaf6212c106b7eb9c622c7023c9a0991b83a098b666ca0ca40efc503a2b

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 169649
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 21864
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 nando.png
www.correiodopovo.com.br/image/policy:1.490125:1601522850/image/ 16 KB
16 KB 21ms
18ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490125:1601522850/image/nando.png?f=1x1&q=0.9&w=360&$p$f$q$w=94728cc
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: ee2eb05a42f913e9d0b507359bf249acc024088eae85e30976cca0169a557cd2

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 154908
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 16348
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 bessi.png
www.correiodopovo.com.br/image/policy:1.490144:1601522969/image/ 18 KB
18 KB 25ms
22ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490144:1601522969/image/bessi.png?f=1x1&q=0.9&w=360&$p$f$q$w=0159d65
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: af1f381103707015c1efb1924b9104a024a2a78c7c9e8a94f374764d19e6529e

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 176614
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 18416
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 guilherme.png
www.correiodopovo.com.br/image/policy:1.490140:1601522968/image/ 15 KB
15 KB 25ms
23ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490140:1601522968/image/guilherme.png?f=1x1&q=0.9&w=360&$p$f$q$w=76b46ee
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: f7a939d43320bc1e8606404dfb97b3ac8cd6c32bb3f821d47112c36f343f3109

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 157332
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 15166
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 Prancheta%2048.png
www.correiodopovo.com.br/image/policy:1.490135:1601522966/image/ 15 KB
15 KB 26ms
23ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490135:1601522966/image/Prancheta%2048.png?f=1x1&q=0.9&w=360&$p$f$q$w=bce90c1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 92ada129d1a0557e865cb6fa4065cc62d5b7520064f7316e5edec2d09370d29a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 164232
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 15562
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H2 200 alexandre.png
www.correiodopovo.com.br/image/policy:1.488037:1601342579/ 17 KB
17 KB 26ms
23ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.488037:1601342579/alexandre.png?f=1x1&q=0.9&w=360&$p$f$q$w=885fff7
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: fa7f3e34aeffa172cebd8a89c53a94f3fb5804b9c6b2ddeccdfc14e95d163ffb

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
server: Azion IMS
x-original-image-size: 172753
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 17428
expires: Wed, 31 Mar 2021 08:55:49 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 12 KB
12 KB 38ms
21ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 12:26:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:14:10 GMT
server: sffe
age: 592163
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12504
x-xss-protection: 0
expires: Tue, 22 Feb 2022 12:26:26 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
14 KB 37ms
20ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 10:59:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:07 GMT
server: sffe
age: 338198
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13640
x-xss-protection: 0
expires: Fri, 25 Feb 2022 10:59:11 GMT

GET
H2 200 prebid.js Show response
v3.denakop.com/ 187 KB
56 KB 19ms
19ms Script
application/javascript 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/prebid.js

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1d98a2291f3d444cc56c2d2e824bb74ff149aeae2cba60dd2e5cb5890d4363d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5955
cf-polished: origSize=191213
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088e994dcc00002bf6883be000000001
last-modified: Thu, 21 Jan 2021 13:49:10 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60098656-2eaed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 62912b294a012bf6-FRA
cf-bgj: minify

GET
H2 200 correiodopovo.com.br Show response
v3.denakop.com/ad-request/10102/desktop/ 653 B
645 B 455ms
455ms Script
application/javascript 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/ad-request/10102/desktop/correiodopovo.com.br

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

411620ab74062fa5b38fac8384373858e27345518687f981bd012f1ad7d21525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: private, max-age=1800
access-control-allow-credentials: true
cf-ray: 62912b294a082bf6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088e994dcc00002bf69d18e000000001

GET
H2 200 profiles.js Show response
d.tailtarget.com/ Frame A94B 13 KB
6 KB 27ms
9ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/profiles.js
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:42:45 GMT
content-encoding: gzip
age: 47584
x-guploader-uploadid: ABg5-UyE9ECPo1vCFp8-Ek_la0ZEN518OfbCN_SqTkMh4ZgazWzSAMXL3fS_bKosJ5uTM7niI68-BI6EDKK_9B31vdOyRCUWrg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5285
last-modified: Mon, 27 Jul 2020 17:57:47 GMT
server: UploadServer
etag: "7b85cc48e426b50791c174ef1d1833f9"
x-goog-hash: crc32c=Rk6NtA==, md5=e4XMSOQmtQeRwXTvHRgz+Q==
content-language: en
x-goog-generation: 1595872667627472
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 5285
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 01 Mar 2021 19:42:45 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ 227 KB
86 KB 67ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/ Frame ED17 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210224/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 01 Mar 2021 00:12:56 GMT
expires: Mon, 15 Mar 2021 00:12:56 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 31373
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 204496277643064 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 64ms
63ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/204496277643064?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

204f762136b98314092b8231a4064343fbe6e96432fa19c5419e7520baab63da

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: BGtZFQZmTiNidW/MLWmd9X1G85X953HYhPGWCPrRBu7nTAXvRqRdmZGvtuMyCmtNW+cAD0FGvvgbZGr8FFBvFA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 01 Mar 2021 08:55:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rules-p-HGAVM7nQJ_sep.js Show response
rules.quantcount.com/ 3 B
349 B 34ms
12ms Script
application/x-javascript 2600:9000:20eb:4400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 01:54:46 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 20:26:00 GMT
server: AmazonS3
age: 25265
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: ZIZTeQQ2NP5FmijHn-KvzWeGIPM1C1g96Uy1CCmTOKCHPTND95uIPw==

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1614588950038&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1614588950038&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=&cs_ak_ss=1

0
528 B

37ms
37ms

Image
text/plain

184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1614588950038&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=&cs_ak_ss=1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:50 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1614588950038&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:50 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK prebid.js Show response
tagmanager.smartadserver.com/ 482 KB
152 KB 21ms
20ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.smartadserver.com/prebid.js
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 1e071ae07e3630532ce699250ea39fdebad611d164967aa007412dd693af9860

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 08:55:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jan 2021 10:09:41 GMT
Server: Apache/2.4.25 (Debian)
ETag: "78641-5b8d97441ad43-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=155
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155180
Expires: Mon, 01 Mar 2021 08:58:25 GMT

GET
H2 200 329022_2819.js Show response
receiver.posclick.dinamize.com/forms/js/ 87 KB
24 KB 377ms
113ms Script
text/javascript 3.23.208.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://receiver.posclick.dinamize.com/forms/js/329022_2819.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.23.208.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-208-81.us-east-2.compute.amazonaws.com
Software: Dinamize-PcReceiver /
Resource Hash: 79e2a22d17d5f3ae5b657f4f6538a8053b3f9e3ee7b0c3c50c6c81b9cf6de476

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 08:55:50 GMT
server: Dinamize-PcReceiver
etag: 2021-02-24 16:54:18.685692459 -0300 -03 m=+5014347.083076524
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
content-length: 24522

GET
H2 200 load.js Show response
widget.perfectmarket.com/correiodopovo/ 4 KB
2 KB 32ms
10ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/correiodopovo/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 423ae58602522fab7a5f245fa6f8a214da4a76f0a8d8a6b1f809a5ef6dd75b86

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: OX_wFyoLLxdy6CvRXTBfoc.VwLgDWCuR
content-encoding: gzip
etag: "958ac9562841470c9f6dee2a6538099e"
age: 236
x-cache: HIT, HIT
content-length: 1253
x-amz-id-2: ifcvVovdELZn6GeVmnUbuXFM+OvKb8vRQVl3/u3JiyHh2YbZ9a7LDOs2gmxSsHToVDQgM9oEozs=
x-served-by: cache-sna10739-LGB, cache-hhn4034-HHN
last-modified: Thu, 09 Apr 2020 05:41:41 GMT
server: AmazonS3
x-timer: S1614588950.093630,VS0,VE1
date: Mon, 01 Mar 2021 08:55:50 GMT
vary: Accept-Encoding,,
x-amz-request-id: 284EBF6E34CFB15E
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20210301-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 468 KB
108 KB 8ms
8ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210301-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9b31970a9134ca82a8199a1da600e0285145754b2a8f962cdbb23158c341f096

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: c0mTNXnPoNPuP3syitAdGi7H25WAmqgj
content-encoding: br
etag: "8d5832df73176bc2969c90d80b8c1361"
age: 3728
x-cache: HIT
content-length: 110100
x-amz-id-2: gTrLRBxqGjGrpMhZLJFetxqQ+S8PQ8MCBffUuBiFQHeelCIqZMUeNDQzFPaSh4xEZiAG273rylA=
x-served-by: cache-hhn11570-HHN
last-modified: Mon, 01 Mar 2021 07:52:40 GMT
server: AmazonS3-br
x-timer: S1614588950.072087,VS0,VE0
date: Mon, 01 Mar 2021 08:55:50 GMT
vary: Accept-Encoding
x-amz-request-id: A6E3A4D5EE23018C
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 66
x-cache-hits: 24730

GET
H2 200 dialogos.png
www.correiodopovo.com.br/image/policy:1.490581:1601576033/image/ 3 KB
4 KB 17ms
13ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490581:1601576033/image/dialogos.png?f=1x1&q=0.9&w=360&$p$f$q$w=3cf7946
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 5b8e349fe54136e445a39b530704cf05270fb20a6c144ea0267bd8176eb3698b

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 8640
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 3468
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 pitlane.png
www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/ 3 KB
4 KB 18ms
14ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.9&w=360&$p$f$q$w=b981aef
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 6cd2df3d9315f215316ec08d7fe62c380aa3617e04bf459924e12b5f2e263c7a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 24799
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 3556
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 cenarock.png
www.correiodopovo.com.br/image/policy:1.490576:1601576032/image/ 5 KB
5 KB 18ms
15ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490576:1601576032/image/cenarock.png?f=1x1&q=0.9&w=360&$p$f$q$w=121b5d6
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: f9a3c8c5712cba189115d7a63fbd487719a42ab0d628dc63b0cd506cf1914e97

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 42068
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4618
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 seculonovo.png
www.correiodopovo.com.br/image/policy:1.490810:1601591727/image/ 8 KB
8 KB 19ms
15ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490810:1601591727/image/seculonovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=8c77f46
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: d4852e0c1e28302c1d482a7afe0c0cd2caf3207aa83bb34cdfa182dd2e6386ae

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 49818
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 8110
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 planocarreira.png
www.correiodopovo.com.br/image/policy:1.490585:1601576035/image/ 4 KB
4 KB 19ms
15ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490585:1601576035/image/planocarreira.png?f=1x1&q=0.9&w=360&$p$f$q$w=fd4fad1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 600ff561432bee59a33c280363a5581abc236781c2f29d56d04a8588d9546359

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 27000
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 3708
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 fotocorreio.png
www.correiodopovo.com.br/image/policy:1.490574:1601576031/image/ 4 KB
4 KB 19ms
16ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490574:1601576031/image/fotocorreio.png?f=1x1&q=0.9&w=360&$p$f$q$w=2ca0c40
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 14cc03bc3cb62a25bc65bb84d6a79e30a8e18abfdd395ecc9000861ee45443dd

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 41706
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4336
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 carrosemotos.png
www.correiodopovo.com.br/image/policy:1.490586:1601576035/image/ 4 KB
4 KB 19ms
16ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490586:1601576035/image/carrosemotos.png?f=1x1&q=0.9&w=360&$p$f$q$w=b7bd3d6
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 508fba79123a7eca704546da35ebb132e46337686b8a5a67c4211e0a16e28e8e

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 26579
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4220
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 dialogosnovo.png
www.correiodopovo.com.br/image/policy:1.490809:1601591726/image/ 4 KB
4 KB 20ms
17ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490809:1601591726/image/dialogosnovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=e228cf0
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 466acd3ef2156a1e8d6d03e52cce266d34fc3bcc6935dfaacd538ec88c0b198d

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 11381
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 3930
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 correiofeminino.png
www.correiodopovo.com.br/image/policy:1.490579:1601576033/image/ 5 KB
5 KB 21ms
19ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490579:1601576033/image/correiofeminino.png?f=1x1&q=0.9&w=360&$p$f$q$w=89a48d9
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 5e9053378edea86a34d5c4cbe3c55b92694ff648e79930224b842a730de76189

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 40227
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4758
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 cinecp.png
www.correiodopovo.com.br/image/policy:1.490582:1601576034/image/ 4 KB
4 KB 22ms
19ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490582:1601576034/image/cinecp.png?f=1x1&q=0.9&w=360&$p$f$q$w=8ecc1e0
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 65b902c64261cb352f2ee7f0c06de82d636f5e2a026fac7894e8cc505ccc7624

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 28419
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4402
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 logo%20of-jor02.png
www.correiodopovo.com.br/image/policy:1.515193:1604606827/ 12 KB
12 KB 22ms
20ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.515193:1604606827/logo%20of-jor02.png?f=1x1&q=0.9&w=360&$p$f$q$w=995a2dd
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: e2d9bd9f5ffc43461e3a39c12001ed9c90664a090e83eb7985434dd93c283e21

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 34768
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 12048
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 campereada.png
www.correiodopovo.com.br/image/policy:1.490577:1601576032/image/ 4 KB
4 KB 22ms
20ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490577:1601576032/image/campereada.png?f=1x1&q=0.9&w=360&$p$f$q$w=e6f6f9b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 8248af8592a78954b8050a4f78d12e1680a57a0f2a8884bae9eec06116d3d8c5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 24813
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4240
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 bichoamigo.png
www.correiodopovo.com.br/image/policy:1.490578:1601576033/image/ 4 KB
4 KB 22ms
21ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490578:1601576033/image/bichoamigo.png?f=1x1&q=0.9&w=360&$p$f$q$w=19ed566
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 74c58dceae9cbe820cdf7d14bf41fd03a98f9e19cfc5a96327d0c13db2777390

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 33055
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4332
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 livrosamais.png
www.correiodopovo.com.br/image/policy:1.490584:1601576034/image/ 5 KB
6 KB 23ms
21ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490584:1601576034/image/livrosamais.png?f=1x1&q=0.9&w=360&$p$f$q$w=57ef8e7
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 66623b0935ee7dfbc98fcace56472beb123f03c695a443c8793ae1d0f9c22b3b

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 40778
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 5496
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 / Show response
vacina.saude.rs.gov.br/ Frame 2995 291 KB
53 KB 2819ms
335ms Document
text/html 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / PHP/7.2.30 ARR/3.0 ASP.NET
Resource Hash: f437b28d51f605420f7c2348caeaeda35be00915c2c16c210189b32550928f21

Request headers

:method: GET
:authority: vacina.saude.rs.gov.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

content-type: text/html; charset=ISO-8859-1
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: PHP/7.2.30 ARR/3.0 ASP.NET
date: Mon, 01 Mar 2021 08:55:52 GMT

GET
H2 200 profile Show response
d.t.tailtarget.com/ Frame A94B 92 B
268 B 150ms
106ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.t.tailtarget.com/profile
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
via: 1.1 google
cache-control: max-age=3600
alt-svc: clear
expires: Mon, 01 Mar 2021 09:55:50 GMT

GET
H2 200 %23COVID19NOGHC_CORONAVIRUS200417B.jpg
www.correiodopovo.com.br/image/policy:1.577394:1614365729/ 7 KB
8 KB 24ms
15ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.577394:1614365729/%23COVID19NOGHC_CORONAVIRUS200417B.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=491d4eb&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: fdff116ba6640e24792a0b237d327079052490fce95382d13f34409d1061c9cb

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 7604
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 WhatsApp%20Image%202021-02-25%20at%2023.47.00.jpeg
www.correiodopovo.com.br/image/policy:1.577311:1614360877/ 7 KB
8 KB 20ms
15ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.577311:1614360877/WhatsApp%20Image%202021-02-25%20at%2023.47.00.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f18991d&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 525214f0104af2b32cce84ea02a9e1f3f0ce81c5a351d7742186f78467a7d04a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 7592
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 CrimeScene_TheVanishingattheCecilHotel_Season1_Episode1_00_28_06_00.jpg
www.correiodopovo.com.br/image/policy:1.576678:1614278472/ 16 KB
16 KB 21ms
16ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.576678:1614278472/CrimeScene_TheVanishingattheCecilHotel_Season1_Episode1_00_28_06_00.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=7ffb837&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 4266ee91a810aaa04021fde0efc38650b8b307c01a428186976d78f8deca45da

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 15950
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 NOITEDOSMUSEUS2019_PUBLICO190518J.jpg
www.correiodopovo.com.br/image/policy:1.532081:1607100841/ 14 KB
14 KB 21ms
16ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.532081:1607100841/NOITEDOSMUSEUS2019_PUBLICO190518J.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=81d69d8&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: a6b771e9d8e68cfa8ef0d0bc8e3cbe90ed3e4cb2767155953383360caae1b4ac

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 14188
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 CABINEDEVOTACAODOTREPOA.jpg
www.correiodopovo.com.br/image/policy:1.520273:1605302767/ 6 KB
7 KB 21ms
17ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.520273:1605302767/CABINEDEVOTACAODOTREPOA.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f70c9a3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: cfef45803dc66cb82642977c78b48f4f53b9d03a7bb0c0ed3c91f1f17fada608

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 6594
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 TROFEUDESTAQUESCPOVO2015150826.jpg
www.correiodopovo.com.br/image/policy:1.495202:1602195094/ 12 KB
12 KB 23ms
18ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.495202:1602195094/TROFEUDESTAQUESCPOVO2015150826.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=cfea42f&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 3421252a20679159203e241c458e4e366e9b154de6d14e61b7f3a693573ef761

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 12192
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 INCENDIONAAMAZONIA190825.jpg
www.correiodopovo.com.br/image/policy:1.456793:1595967208/ 23 KB
23 KB 23ms
18ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.456793:1595967208/INCENDIONAAMAZONIA190825.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=64205f1&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: d14a92927736ceba28302c4a9912a202758709026fa4b609183b224c254fce6a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 23524
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 CONFLITONAALEMANHAEM1920.jpg
www.correiodopovo.com.br/image/policy:1.406675:1584663803/ 28 KB
29 KB 23ms
19ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.406675:1584663803/CONFLITONAALEMANHAEM1920.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f0a14f3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 75046723690e555b59fc656ce2b75707fb2e249e7d9446d007210cbec429007c

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 29062
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 gremiocoronaGT13.jpg
www.correiodopovo.com.br/image/policy:1.406650:1584655134/ 9 KB
9 KB 24ms
20ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.406650:1584655134/gremiocoronaGT13.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=4b0672b&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 814fbfc1804f477d3a12ef1a73ab55d287331f176ef7c96ea0049c4cfeb806f4

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 9148
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg
www.correiodopovo.com.br/image/policy:1.401717:1582743154/ 14 KB
15 KB 24ms
20ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.401717:1582743154/WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=54b6129&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: ec2e1296380c1680aef32b3123b5d26e3a343b94e14fda81520920cecc93cee4

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 14730
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 000_1P67ML.jpg
www.correiodopovo.com.br/image/policy:1.401058:1582333779/ 20 KB
20 KB 27ms
23ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.401058:1582333779/000_1P67ML.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=701184a&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 4c051a904ed3bc243e02450daa9e52e53f378348f4e3e997c8c94134b1553484

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 20584
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 CONCEICAOEVARISTO.jpg
www.correiodopovo.com.br/image/policy:1.397524:1580848385/ 14 KB
14 KB 27ms
23ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.397524:1580848385/CONCEICAOEVARISTO.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=6da6c81&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 42fc70955f09c40a96eb48b58d9f6e088a33b41ce5e925906b3c6eaae32e90c2

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 14550
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 the-dead-line-in-the-raod-1175899-1599x1024.jpg
www.correiodopovo.com.br/image/policy:1.392853:1578957861/ 2 KB
3 KB 28ms
24ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.392853:1578957861/the-dead-line-in-the-raod-1175899-1599x1024.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=678551e&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 46fd479ffb31457f997272daabf4e1791a0f0814c2127888ef6ecd526d37d00b

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 2438
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 IAR%202019-79.jpg
www.correiodopovo.com.br/image/policy:1.377823:1572903045/ 16 KB
16 KB 28ms
24ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.377823:1572903045/IAR%202019-79.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f20df16&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 18c87d635507565f16cae963e310d041099274a6788a409f49ca7dcb1fd5d0bb

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 16342
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 pixel;r=1602346156;rf=0;uht=2;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.correiodopovo.com.br%2F;fpan=1;fpa=P0-1963314104-1614588950114;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=cor...
pixel.quantserve.com/ 35 B
371 B 15ms
12ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1602346156;rf=0;uht=2;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.correiodopovo.com.br%2F;fpan=1;fpa=P0-1963314104-1614588950114;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=correiodopovo.com.br;je=0;sr=1600x1200x24;dst=1;et=1614588950113;tzo=-60;ogl=title.Correio%20do%20Povo%2Csite_name.Correio%20do%20Povo%2Curl.https%3A%2F%2Fwww%252Ecorreiodopovo%252Ecom%252Ebr%2F%2Cdescription.%2Ctype.website

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=auth/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/ 235 KB
82 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=auth/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a993c7bd233a47e0f154180fe17781d2d4926997b5fc8802f419e98bc4b642e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 15:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 20:08:03 GMT
server: sffe
age: 62688
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83127
x-xss-protection: 0
expires: Mon, 28 Feb 2022 15:31:02 GMT

GET
H2 200 get-action Show response
nr-events.taboola.com/newsroom/1.0/correiodopovo/ 132 B
293 B 104ms
102ms Script
application/json 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nr-events.taboola.com/newsroom/1.0/correiodopovo/get-action?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=770302071216348572&page.template=home&page.dashboard=home
Requested by: Host: c2.taboola.com
URL: https://c2.taboola.com/nr/correiodopovo/newsroom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: eb2bdb7f9402b62e74efacac7291a05ede0a6dafcea24957323f6474856c37e2

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.45.61.203:8080
date: Mon, 01 Mar 2021 08:55:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1614588950.156703,VS0,VE95
x-served-by: cache-hhn11570-HHN
x-cache: MISS
content-type: application/json;charset=UTF-8
accept-ranges: bytes
content-length: 132
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=204496277643064&ev=PageView&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&rl=&if=false&ts=1614588950165&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.2.1614588950162.738984861&it=1614588949999&coo=false&rqm=GET

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 01 Mar 2021 08:55:50 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
266 B 40ms
40ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-3488053582622085

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c0408693ad448afab46cf35a127265e1fc6d3136adc00cfa808f25d4a08a219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 25CE 54 B
207 B 62ms
62ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1614588950&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A134217856%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614588949977&bpp=10&bdt=529&idt=196&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5509249374306&frm=20&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588950&ga_hid=86977403&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060292%2C42530671%2C21066923&oid=3&pvsid=2731616042898406&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=210

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1614588950&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A134217856%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1614588949977&bpp=10&bdt=529&idt=196&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5509249374306&frm=20&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588950&ga_hid=86977403&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060292%2C42530671%2C21066923&oid=3&pvsid=2731616042898406&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=210
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 01 Mar 2021 08:55:50 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 01-Mar-2021 09:10:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Mar 2021 08:55:50 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:50 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
939 B 7ms
7ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210301

Requested by

Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

55f6932347116effda736d9a824fdfe3b360c2a8b9af189ba0c9041be6e5f5ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 35696
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 760
etag: W/"53f-JC0c5gC8t2emDHNPnLe0fTuiLec"
x-served-by: cache-fra19158-FRA, cache-hhn4027-HHN
date: Mon, 01 Mar 2021 08:55:50 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
186 B 451ms
150ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:50 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
154 B 67ms
21ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.20.0&cb=53352694133
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:49 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
154 B 65ms
20ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.20.0&cb=49975268378
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:49 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
186 B 449ms
151ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:50 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
186 B 447ms
150ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:50 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
154 B 64ms
21ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.20.0&cb=16881978572
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:50 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 iframe_api Show response
www.youtube.com/ 810 B
746 B 22ms
22ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

854e610e7aa6185bd43db1d3de1aecf8f37c8969e008b83ad2b2fa307a5fd4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:50 GMT

GET
H2 204 notify-impression
nr-events.taboola.com/newsroom/1.0/correiodopovo/ 0
71 B 16ms
16ms Image
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr-events.taboola.com/newsroom/1.0/correiodopovo/notify-impression?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=770302071216348572&page.template=home&page.dashboard=home
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.45.181.228:8080
date: Mon, 01 Mar 2021 08:55:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1614588950.246438,VS0,VE9
x-served-by: cache-hhn11570-HHN
x-cache: MISS
accept-ranges: bytes
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/correiodopovo/ 111 KB
30 KB 8ms
8ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/correiodopovo/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/correiodopovo/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a233fdc512c16069e544a929f5289021f796b2e9c439fd8fd867ab01c9ae6eb

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: kqTxPFH_D9zExzTB0PjSGPERIWhbAJJ0
content-encoding: gzip
etag: "722c612becdf55d8463d1c4ea96bd7ea"
age: 940307
x-cache: HIT, HIT
content-length: 30933
x-amz-id-2: ro/5W0ZF4VNL+AbjD3zgfPhQOSgb3wgmqH06cT8lDci34lef06htzY0EGJjylPCO6N8BC8uYjQQ=
x-served-by: cache-lax10622-LGB, cache-hhn4034-HHN
last-modified: Thu, 09 Apr 2020 05:41:41 GMT
server: AmazonS3
x-timer: S1614588950.247496,VS0,VE1
date: Mon, 01 Mar 2021 08:55:50 GMT
vary: Accept-Encoding,,
x-amz-request-id: 3DB7E7C4735BD8F8
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
154 B 21ms
20ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.20.0&cb=41117537145
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:49 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
186 B 393ms
151ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:50 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 656E 567 B
864 B 34ms
15ms Document
text/html 2a00:1450:4001:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=auth/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f682d53d303ccfaf80cb67ea5198fde3b8d4173adf6294ce91a0dbafba9252ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gHaeF/PiIq05R1XfE2wsJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=210=fBHX8alaH72GC7-moFeuTcAeoBj43iAz9B7KzcgpZH-Ab4H5crxsofUBtwOORaEzlpLNEPwLrT8u_HVcevYyD4DeohbH_CcDjdLmegRlltrIjK-dI7iLlQ8P9H1tILClp-7stlpIlQPlPMFuIVpUYSHPuCRGBqSBJEiGndNEA6s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 01 Mar 2021 08:55:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-gHaeF/PiIq05R1XfE2wsJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 www-widgetapi.js Show response
www.youtube.com/s/player/4fe52f49/www-widgetapi.vflset/ 105 KB
38 KB 37ms
23ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4de6db03ab259e7cecc2c985827964b5e0a1041eb43ac27eb28149e6e1ee9ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 07:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 4628
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38265
x-xss-protection: 0
expires: Tue, 01 Mar 2022 07:38:42 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
528 B 11ms
10ms Image
text/plain 184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1614588950378&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:50 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 capajornal.aspx Show response
portal.correiodopovo.com.br/includes/input/ Frame 417C 223 B
368 B 650ms
650ms Document
text/html 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d737770ce7b7d2a6d3bceb4069c0429919b33b98ada399cd52e73973a031de58

Request headers

:method: GET
:authority: portal.correiodopovo.com.br
:scheme: https
:path: /includes/input/capajornal.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _fbp=fb.2.1614588950162.738984861; __qca=P0-1963314104-1614588950114; __gads=ID=9ddf4375fc8b09b9-22aa87b0a0ba00b2:T=1614588950:RT=1614588950:S=ALNI_MbBUkRdpUxGqUuUghaa82khsN7L8A; trc_cookie_storage=|taboola global:user-id=da0b4791-6337-43e3-9b33-a03fde29a85d-tuct7363196
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

cache-control: public, max-age=780
content-type: text/html; charset=utf-8
expires: Mon, 01 Mar 2021 09:08:50 GMT
last-modified: Mon, 01 Mar 2021 08:38:50 GMT
vary: *
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Mon, 01 Mar 2021 08:55:50 GMT
content-length: 223

GET
H2 200 index.php Show response
stg.truvidplayer.com/ 582 B
607 B 150ms
107ms Script
text/html 13.225.78.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/index.php?sub_user_id=870&widget_id=3680&playlist_id=2617&m=a&cb=79282365650477.08
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-37.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 0c2442e5b1f9a338ac2ddc2d36559367b4ab94de1a397c8a83656ebb2024a1c7

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-amz-cf-id: yNrhdcjHJpCKPBaDQnjXCLY3DNvymXYQNbpqqr-n_HEPojCSWHdtEA==

GET
H/1.1 200
OK ac Show response
www5.smartadserver.com/ 22 B
353 B 382ms
137ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=38077&async=1&visit=s&tmstp=6343376758&tag=sas_38077&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e5b77e18f570c03a69866a02eb1e7281e5ef072043fe6afd68abba126920919a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b2%3b61
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK ac Show response
www5.smartadserver.com/ 22 B
350 B 381ms
136ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=31549&async=1&visit=s&tmstp=6343376758&tag=sas_31549&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: de4725cc1de7a73311f5c3cae1a2bd989f59f404fc53f8b216b8c5efe1b93bea

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:49 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b15%3b122
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK initcb Show response
webservices.webspectator.com/ 5 KB
1 KB 104ms
104ms Script
application/javascript 34.228.251.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/initcb?appId=2782&vId=0A040E2E440A3499&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1614588950392&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/init?appId=GTAYHGT2&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1614588949788
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.228.251.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-251-145.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 07484d90157127b5669184db2d259f2389e0e6f7ba3ef8eda1a1fffd9e8ada41

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:50 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 client:platform.js Show response
apis.google.com/js/ 49 KB
19 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client:platform.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5a9c46415e54c7b2c6d5e023530e3250f060bc69fc6d9f30dd72669a193a4a0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AuMTq/zZ3qBobjSBND04yQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "acc7b1b39eca3029e3265d6ec727a094"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-AuMTq/zZ3qBobjSBND04yQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:50 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b42ac0ff319a7cfbfb8a9674ca5cb03db2d6faa22ec79d3e32059f0923839d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: PFbtsKicIQFB2QMMrkoTnw==
cross-origin-resource-policy: cross-origin
expires: Mon, 01 Mar 2021 09:04:53 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-ua-compatible: IE=edge
x-fb-debug: AuOmGR2T22uvbxKpX1U85ompWR6KlBRNayhNp04Ap19p4UUC4+QhzxCSvS/yTvWG1HIa+LK7KsXA1bDDEnYfQg==
x-fb-trip-id: 686109401
x-fb-content-md5: 670f9ffdf087afe00be4f5f8800f5faf
date: Mon, 01 Mar 2021 08:55:50 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "9de87a9026929991d3d094d175d274b6"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 14ms
14ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B98) /
Resource Hash: c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 08:55:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1427
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28744
x-tw-cdn: VZ
Last-Modified: Mon, 08 Feb 2021 21:21:01 GMT
Server: ECS (amb/6B98)
Etag: "11a0c75a945561958f0b924da0e67334+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
DATA 200
OK truncated
/ 51 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b715761e92524c9442ef612af378e2fdf19167f92492568f4961260e9f377a0a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 p.gif
www.correiodopovo.com.br/logger/ 43 B
262 B 15ms
13ms Image
image/gif 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/logger/p.gif?d=/2.200
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
x-cacheable: NO:Not-Cacheable
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: image/gif
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 57
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 json Show response
trc.taboola.com/correiodopovo/trc/3/ 13 KB
6 KB 318ms
316ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/correiodopovo/trc/3/json?tim=09%3A55%3A50.425&lti=deflated&data=%7B%22id%22%3A95%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1614586759642%2C%22vi%22%3A1614588950424%2C%22cv%22%3A%2220210301-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11192%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22cd%22%3A3063%2C%22mw%22%3A1140%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-d%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%201x1%20Home%20Page%22%2C%22orig_uip%22%3A%22Right%20Rail%201x1%20Home%20Page%22%2C%22cd%22%3A6610%2C%22mw%22%3A336%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210301-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a72deed8b474dc6422f5289a927ad674376894ce884530a6c612badd4b10920

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 301
date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
server: nginx
x-timer: S1614588950.433420,VS0,VE301
x-served-by: cache-fra19166-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 57 KB
15 KB 38ms
8ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 94839cf5d8deeb6bc4145b4988daee36c27013d0a3879ce38afa4c6199900d51

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:11:50 GMT
content-encoding: gzip
age: 2640
x-guploader-uploadid: ABg5-Uw0mqAKVxatdMtgqVIF9Cfl6Au7mppEcdGJ9kTbaW2XMg5-ctpsitD-rqWRZhu-V6gfZ5oRT-3LB8dGYfJpqM8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 15516
last-modified: Tue, 09 Feb 2021 19:04:57 GMT
server: nginx/1.8.1
etag: "008bbafc6365cbb68be4b847107d952b"
vary: Accept-Encoding
x-goog-hash: crc32c=IN7gDQ==, md5=AIu6/GNly7aL5LhHEH2VKw==
x-goog-generation: 1612897497493416
via: 1.1 google
cache-control: max-age=7200,public
x-goog-stored-content-length: 15516
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 01 Mar 2021 10:11:50 GMT

GET
H2 200 fontawesome-webfont.woff
www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontawesome/fonts/ 82 KB
82 KB 13ms
13ms Font
application/x-font-woff 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontawesome/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 7a1d9a7fdb9f6de569ac49bbaafa22ad4dbd395d58bd166ea1b3689113de7f0b

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontawesome/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1605032131!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
last-modified: Tue, 10 Nov 2020 18:15:32 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: application/x-font-woff;charset=utf-8
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 temperaturatopo Show response
www.correiodopovo.com.br/cmlink/ 240 B
423 B 14ms
14ms XHR
text/html 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/temperaturatopo
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: fbed867d970eaf27bcc431d7fa97f8cb428080f753c65a56316c0c19e5e3fb79

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.correiodopovo.com.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /cmlink/temperaturatopo
x-cacheable: YES
server: nginx/1.12.2
age: 43
vary: Accept-Encoding
x-cache: HIT
content-type: text/html;charset=utf-8
v: 5
cache-control: max-age=300
accept-ranges: bytes
content-length: 162
expires: Mon, 01 Mar 2021 09:00:50 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/ 772 B
584 B 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c28fb635a8d1395da565c7734e82f6952c15846ad5453cd5fab37eb6400b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 04:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 20:08:03 GMT
server: sffe
age: 362607
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 503
x-xss-protection: 0
expires: Fri, 25 Feb 2022 04:12:23 GMT

GET
H3-Q050 200 subscribe_embed Show response
www.youtube.com/ Frame 256A 2 KB
1 KB 32ms
30ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c094b40bd27dd294b52a2ae692ee328bcb89d2d7af55f7604a5018ee6344a8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=LXbq4QyOzA8; VISITOR_INFO1_LIVE=S37VkSzVLf4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 01 Mar 2021 08:55:50 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+802; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
528 B 16ms
15ms Image
text/plain 184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14194541&ns__t=1614588950540&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F&c9=
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:50 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 33.png
www.correiodopovo.com.br/imagens/icons/93x93/ 1 KB
1 KB 17ms
16ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/imagens/icons/93x93/33.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 870ce13ead89fd67c07b8c1c6564f313f2240590470ec65d9d9a35fbfe00cb7e

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 1774
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 1036
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 .jpeg
www.correiodopovo.com.br/image/policy:1.578319:1614562893/ 45 KB
46 KB 15ms
14ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.578319:1614562893/.jpeg?f=5x2&$p$f=b3d5542&w=1200&$w=9c05b01
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 165d16395da12acc4917877489236db8f72b553e40fee817825483c56b14dae9

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 59057
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 46550
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 .JPG
www.correiodopovo.com.br/image/policy:1.578330:1614565737/ 147 KB
147 KB 18ms
16ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.578330:1614565737/.JPG?f=3x2&$p$f=18a2fc6&w=1200&$w=9c05b01
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 72c533e7a2a7016d41ccb33f736327806817d9478446be3559fdf9a0d6d50249

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 167024
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 150670
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 .JPG
www.correiodopovo.com.br/image/policy:1.578339:1614567889/ 14 KB
14 KB 24ms
23ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.578339:1614567889/.JPG?f=1x2&$p$f=f7fc437&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 874c1db60b71aa5c771b156268abc73438e58376941c38379d0d2293aef3a9fb

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 18547
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 13872
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 .JPG
www.correiodopovo.com.br/image/policy:1.578314:1614560697/ 30 KB
30 KB 24ms
23ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.578314:1614560697/.JPG?f=1x2&$p$f=f7fc437&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 2bdc3e7fc97a5887c97660b6c036c5940ff0e8722c14c255a04aafb79d6024d0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 32668
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 30732
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.578251:1614548771/ 18 KB
18 KB 25ms
24ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.578251:1614548771/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: b9f0f3a82597a70ef06a278e37bddb9a692ba091e00fe9ea036cc6c21d1ee014

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 22394
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 18588
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.577999:1614511320/ 2 KB
3 KB 25ms
24ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.577999:1614511320/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: e31c280c62455d94cca8a632522cf088beea72a97db6e00d43c404373e3ffcbe

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
server: Azion IMS
x-original-image-size: 7041
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 2494
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3194
date: Mon, 01 Mar 2021 08:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 01 Mar 2021 10:02:36 GMT

GET
H2 200 2038943760-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 656E 10 KB
5 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 15:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 03:27:24 GMT
server: sffe
age: 63257
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4265
x-xss-protection: 0
expires: Mon, 28 Feb 2022 15:21:33 GMT

GET
H3-Q050 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 656E 12 KB
5 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

38a622d903f3d196af226cd9f4081afc5e717465d8afc40f39b6a8319be4c786

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LxeJD/8Tgxy1g7bH9Hvalg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "089674d94dca2bf44b47ebe0e4c3595b"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-LxeJD/8Tgxy1g7bH9Hvalg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:50 GMT

GET
H3-Q050 200 KK4rspjgTu8 Show response
www.youtube.com/embed/ Frame D3A2 51 KB
21 KB 61ms
60ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-widgetapi.vflset/www-widgetapi.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a958a45f31a623164dee220c641256d845cb491a6c340458cbd36d10460d6b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=LXbq4QyOzA8; VISITOR_INFO1_LIVE=S37VkSzVLf4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 01 Mar 2021 08:55:50 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+295; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 196 KB
59 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f5203f84a400f45e8a27b3a4f3484b55&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54f0e39fa3adf9de2c133067f574586b4048b310a7d3f6e4aba5dad4e5a4f28a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: qJrmvfqH6CHGvtR57F+XjA==
cross-origin-resource-policy: cross-origin
expires: Tue, 01 Mar 2022 07:12:37 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60503
x-fb-rlafr: 0
x-fb-debug: 7kCcUZS/+EYwPFUQisRhqbnISS1lBScHeQVZod1vUteK72OTR+26+k/Vxb1PzHvEDDg5ogS8HPtjmtDHhLQ0dg==
x-fb-trip-id: 686109401
x-fb-content-md5: 5c1a5637f27901d753914500cccf2015
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 01 Mar 2021 08:55:50 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag: "48e9d9687240422c791cfd1255fe424f"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html Show response
platform.twitter.com/widgets/ Frame 76CF 320 KB
104 KB 13ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8D) /
Resource Hash: 99adb384fd992660be76df488633e76fe86ed9bba2a7cdf143a97e03fc3ee94d

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.correiodopovo.com.br/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1684175
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 01 Mar 2021 08:55:50 GMT
Etag: "d9fdaa7a36dc36e57ad53c2039f52486+gzip"
Last-Modified: Mon, 08 Feb 2021 21:19:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B8D)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105677

GET
H3-Q050 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=client/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/ 68 KB
24 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=client/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

623da376f12eafef2cb19654718f04e2433db67f5e648948f72762fcf3864008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 08:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 20:08:03 GMT
server: sffe
age: 175367
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24040
x-xss-protection: 0
expires: Sun, 27 Feb 2022 08:13:03 GMT

GET
H2 200 ortc-heartbeat1sec-min.js Show response
wfpscripts.webspectator.com/ 76 KB
19 KB 102ms
101ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=0A040E2E440A3499&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1614588950392&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2016 17:07:44 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "ae07ae40393a03d603b6341bf9f7f923"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 19153
x-amz-meta-s3b-last-modified: 20161130T162538Z

GET
H2 200 swfobject.js Show response
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 10 KB
4 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js

Requested by

Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=0A040E2E440A3499&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1614588950392&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 04:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187701
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3974
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 04:47:29 GMT

GET
H2 200 blockadblock.js Show response
wfpscripts.webspectator.com/adblocker/ 8 KB
3 KB 192ms
191ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=0A040E2E440A3499&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1614588950392&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2016 13:22:22 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "0dcdd7a190caf42e7d287645d9ba0303"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 2696

GET
H2 200 ws-4.4.62.js Show response
wfpscripts.webspectator.com/ 81 KB
23 KB 192ms
191ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=0A040E2E440A3499&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=&sr=&ts=1614588950392&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
last-modified: Wed, 06 Mar 2019 17:07:49 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "4e7c8880fbc1b585c27bd698eb84469f"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 23796

GET
H2 200 3680.js Show response
go.trvdp.com/init/ 23 KB
23 KB 29ms
8ms Script
binary/octet-stream 2600:9000:2156:3000:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/3680.js?pid=2617
Requested by: Host: stg.truvidplayer.com
URL: https://stg.truvidplayer.com/index.php?sub_user_id=870&widget_id=3680&playlist_id=2617&m=a&cb=79282365650477.08
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3000:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00fed2da5781a8401ff55ba3fd96b6f29e17c802c7636c1be141a7705cd7ee48

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:42:13 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
last-modified: Tue, 27 Oct 2020 11:05:42 GMT
server: AmazonS3
age: 9566018
etag: "270eed6f93a6caf3e2976ddfbf017ed6"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 23347
x-amz-cf-id: 35Yl3p1v0RD8nNXX94VNIpMXAwWx_7yNsg-nMGPBAE6rf3EacOKb4Q==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
72 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=86977403&t=pageview&_s=1&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ul=en-us&de=UTF-8&dt=Correio%20do%20Povo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=827412693&gjid=1562493878&cid=1680029494.1614588950&tid=UA-4083550-1&_gid=659501737.1614588951&_r=1&gtm=2wg2h0MFKL3B&did=i5iSjo&z=1383337140

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
484 B 97ms
63ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9cb50d0018&cmd=bid&secure=1
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: c3ab2478d1ef53e1be2c3f16c433775b8a7654c5dab89a8db6ed04e92f39cfe5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 01 Mar 2021 08:55:50 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
484 B 104ms
71ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9cb50d0018&cmd=bid&secure=1
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: a5311c8e2bbd789cf7b005e3fa7bfe4f1c323fa91933875ba49d55a20df74b56

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 01 Mar 2021 08:55:50 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
484 B 102ms
68ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9d8d750019&cmd=bid&secure=1
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 9706d055a68bd87a421fbd7ae3f6d510e960eab120e65a20720afdc2c4f72a9a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 01 Mar 2021 08:55:50 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
720 B 53ms
24ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:50 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.156:80
AN-X-Request-Uuid: 5c68b781-9e36-4d95-9cd6-7c2603df6851
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
719 B 52ms
23ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:50 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.45:80
AN-X-Request-Uuid: e082c81b-e379-4d18-b8c7-faea496bb0db
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=39f7a2590213f2d;misc=1614588950685; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5040600/0/0/ 48 B
81 B 157ms
133ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5040600/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=39f7a2590213f2d;misc=1614588950685;
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: d9e41799033cc94c49b795dc8a0a925524551c14b4845d4ceaf7ac2424659198

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=4082b80bd290913;misc=1614588950685; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5040604/0/0/ 47 B
81 B 146ms
122ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5040604/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=4082b80bd290913;misc=1614588950685;
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 73d2e30ddafa461b2de5fb839f168ddbbfa7d71dde548106e28512f932dc63b6

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select023c.us-east-1.prod.adtech.aolcloud.net", "UserId": "603C9F006E651744EE96014EE0000000"}}
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=41ac6f47b2ea5f9;misc=1614588950685; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5233718/0/0/ 48 B
81 B 142ms
118ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5233718/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=41ac6f47b2ea5f9;misc=1614588950685;
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 90507cf662d96cb74cb6674c03ebff022bd5da7ff00de60f9a572cb93029c172

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=4275b91cb6dc8f2;misc=1614588950685; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5234236/0/0/ 48 B
81 B 140ms
116ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5234236/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=4275b91cb6dc8f2;misc=1614588950685;
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: db8bbca9b0cc6ae18f3a2ff159c51aa97bfe212090de4725feab86d629bec74f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=438f0600ada06eb;misc=1614588950685; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5040600/0/0/ 48 B
87 B 144ms
121ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5040600/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=438f0600ada06eb;misc=1614588950685;
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: bb539a2a45959928747c4bbf0c28c66f243f170d17fb631a083346f285989b8b

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=44c6a048783e523;misc=1614588950685; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5040604/0/0/ 47 B
80 B 158ms
136ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5040604/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=44c6a048783e523;misc=1614588950685;
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: ca925a8032c9b2378bd5490f2f22c264cdfba7445ea31367cc2c7f1357eb0394

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=4515cb76b8da351;misc=1614588950685; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5233718/0/0/ 47 B
80 B 460ms
437ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5233718/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=4515cb76b8da351;misc=1614588950685;
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: f5eac1bbe2b9bff0e17d741eaf6a7fd77b1c4ce6f41d85c8734bc5934e0d9892

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:51 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=46cf2cd6388f029;misc=1614588950685; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5234236/0/0/ 47 B
396 B 126ms
103ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5234236/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46cf2cd6388f029;misc=1614588950685;
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: eb82fd8252fd56c92ceb2fc07b1aee620b91c3f266c866a23ff61d32c3dc6b3a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
x-adtech-meta: {"Debug": {"IP": "0.0.0.0", "Selector": "pri-select023c.us-east-1.prod.adtech.aolcloud.net", "UserId": "603C9F006E651744EE96014EE0000000"}}
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=47b5fb3cde39e23;misc=1614588950685; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5040600/0/0/ 48 B
81 B 156ms
134ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5040600/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=47b5fb3cde39e23;misc=1614588950685;
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: a03b8540187ee1abbafcc42cca8b867a657d2d1cba2ba32e024ce030438e4b65

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=484823e865e87f8;misc=1614588950685; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5040604/0/0/ 47 B
103 B 407ms
385ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11627.1/5040604/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=484823e865e87f8;misc=1614588950685;
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 1f9b705a867700b087073f570abc853bcd1f9d6981d53b7c740725b53d0e6095

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:51 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
154 B 23ms
23ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.23.0&cb=51974159144
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:50 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
186 B 150ms
149ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:50 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/ Frame 656E 51 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

614c628979413c313447557e9d90e9082ca8b9175d5c4a464bd6a9e6bc3a4aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 06:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 20:08:03 GMT
server: sffe
age: 352831
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18067
x-xss-protection: 0
expires: Fri, 25 Feb 2022 06:55:19 GMT

GET
DATA 200
OK truncated
/ 262 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
154 B 22ms
20ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.20.0&cb=68567149463
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:50 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
186 B 151ms
149ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:50 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK ac Show response
www5.smartadserver.com/ 10 KB
4 KB 202ms
139ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=55382&async=1&visit=s&tmstp=6343376758&tag=sas_55382&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 1068182216a665af37ef3684c19b0ba0a20b3400eb32cb4bffb48439141f9793

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b16%3b60
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 9041896
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
186 B 151ms
149ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:50 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
154 B 28ms
26ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.20.0&cb=74410505078
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:49 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK ac Show response
www5.smartadserver.com/ 10 KB
4 KB 201ms
139ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=53988&async=1&visit=s&tmstp=6343376758&tag=sas_53988&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 31d5f4784d5a7cb181fa5553c77366d333ccec3ef2507e0db702dee288d47168

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b15%3b107
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 9122889
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
154 B 27ms
26ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.20.0&cb=29240433647
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:50 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
186 B 151ms
151ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Mon, 01 Mar 2021 08:55:50 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK ac Show response
www5.smartadserver.com/ 10 KB
4 KB 485ms
282ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=43190&async=1&visit=s&tmstp=6343376758&tag=sas_43190&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: a961588419354a49a8fc5ecad86b1ebd2dbd44ad8e27a01d9d0984271217ade3

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:51 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b14%3b80
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 9122920
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK ac Show response
www5.smartadserver.com/ 8 KB
3 KB 521ms
318ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=31546&async=1&visit=s&tmstp=6343376758&tag=sas_31546&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: ece8110f8000f6d00010b0e0d5c1dbd687165f9a9b029a3b4d377c81259c1f2b

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:51 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b9%3b68
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 9122909
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

POST
H2 200 /
www.facebook.com/tr/ 0
55 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryWgkVV2hfERGBUkTc

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 01 Mar 2021 08:55:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 256A 38 KB
6 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 04:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
age: 362191
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
expires: Fri, 25 Feb 2022 04:19:19 GMT

GET
H3-Q050 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 256A 252 KB
72 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 21:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
age: 300462
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
expires: Fri, 25 Feb 2022 21:28:08 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-4083550-1&cid=1680029494.1614588950&jid=827412693&gjid=1562493878&_gid=659501737.1614588951&_u=YAhAAEAAAAAAAC~&z=1585164131

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 01 Mar 2021 08:55:50 GMT
content-type: text/plain
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 12 KB
4 KB 8ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210301-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c6e4d91652af885170d2e5c88f6dacf567142c1ab9da5beea46fd05fc41b328

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ynYPWmHM0LSu_oXTq0yOPyhaoDYkDKij
content-encoding: gzip
etag: "176382e14855ae8537542353f9b225b1"
age: 13371
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4168
x-amz-id-2: 7ZzuoJTL++7iDs4DVhYVUnr5Xz8i+Luj7ePIyz0C5S7LM3aj1M8ivEIav/VJg6fLoQtc8PRwLNg=
x-served-by: cache-hhn11570-HHN
last-modified: Sun, 28 Feb 2021 13:12:49 GMT
server: AmazonS3
x-timer: S1614588951.801327,VS0,VE0
date: Mon, 01 Mar 2021 08:55:50 GMT
vary: Accept-Encoding
x-amz-request-id: 5411AB699D5124EE
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 77
x-cache-hits: 126722

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 3 KB
1 KB 7ms
7ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210301-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b57eca495e606d6a5b71d039f54b48f95b24ecfab0e885f0834df9647988211f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: wesQ.pLLtqiqMPOAo87CHMJBm6LJzidh
content-encoding: gzip
etag: "a13f67361cd19b638bb3083cf688d732"
age: 3070
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 748
x-amz-id-2: d9sTKfwYmrIxTcoVpriY4wrlu6eOUvKWrrpl65qsiLwWDWQW/Ptp5bNyeLbPGhGTsnPN36Iy2cM=
x-served-by: cache-hhn11570-HHN
last-modified: Tue, 09 Feb 2021 16:04:13 GMT
server: AmazonS3
x-timer: S1614588951.801258,VS0,VE0
date: Mon, 01 Mar 2021 08:55:50 GMT
vary: Accept-Encoding
x-amz-request-id: 953558099170AD83
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 77
x-cache-hits: 38115

GET
H2 200 tfa-eid.20210301-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 10ms
9ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210301-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a3da2c34ab96075910d7c3fff80990971ce94b069d94d5afab2db8b1cebcd47

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: m88Kp19aw4ZKa0csy5cZcVY_AO6SC1y2
content-encoding: gzip
etag: "74cc1ebc02069a701823a91ae9c20911"
age: 2568
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4856
x-amz-id-2: IglwBABoali47z3dHcYQDTcV7Kst8e2UQtmlFaxY4C5EEcDOthdiNVMbO0CMZZ1qF+Hd1s/uYpI=
x-served-by: cache-hhn11570-HHN
last-modified: Mon, 01 Mar 2021 08:13:00 GMT
server: AmazonS3
x-timer: S1614588951.803699,VS0,VE0
date: Mon, 01 Mar 2021 08:55:50 GMT
vary: Accept-Encoding
x-amz-request-id: 9B6124B1D96258A2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 77
x-cache-hits: 22507

GET
H2 200 sha256.20210301-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 10ms
10ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210301-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a596d5f0777606c6e4a6b0578394d87f7043ab6d19ca84b646ab29f09e8bdc9b

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: G59tfLllWpVEDSrZ6wygdQ4QlhC2as53
content-encoding: gzip
etag: "95a3f0bcdce2154add1a035f3c7bc258"
age: 2559
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2595
x-amz-id-2: YekKeB91W2lCaQ+OKmI/YYOhx5SFqMfc76ZNrJgOWwPZDCvkYNF/6MrgGl291UdzT9m1K/AsWxY=
x-served-by: cache-hhn11570-HHN
last-modified: Mon, 01 Mar 2021 08:13:10 GMT
server: AmazonS3
x-timer: S1614588951.806523,VS0,VE0
date: Mon, 01 Mar 2021 08:55:50 GMT
vary: Accept-Encoding
x-amz-request-id: 77C1C002FE42A5F2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 77
x-cache-hits: 21582

GET
H2 200 userx.20210301-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 8ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210301-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78d5f03b21d5294d1e326bb6fe1eca7ea7c63f2476158eac08f71c6a45c8faeb

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: vwxXMtNMvoIXb3CPkICOfPABs.kkuh8z
content-encoding: gzip
etag: "14e082682f0ce07297aa7438e57a0a48"
age: 2573
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7811
x-amz-id-2: h6ds6sP61ldu21vVk85yeEsu6T1u4w3oOwj8LIflHNgRXoZP3eKHDIVjYZGjcfL1ZArIoMu2PYQ=
x-served-by: cache-hhn11570-HHN
last-modified: Mon, 01 Mar 2021 08:12:55 GMT
server: AmazonS3
x-timer: S1614588951.814904,VS0,VE0
date: Mon, 01 Mar 2021 08:55:50 GMT
vary: Accept-Encoding
x-amz-request-id: C0073B642A527FFF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 77
x-cache-hits: 6528

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 13:07:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 416898
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 24 Feb 2022 13:07:32 GMT

GET
H2 200 tb Show response
15.taboola.com/ 26 KB
8 KB 44ms
35ms Script
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=correiodopovo&unitType=59&tbloc=&pageType=home&pstn=Slider%20-%20Video&uuip=&cisrf=&cirf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&encoded=1&uid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&variant=-100|11760131&callback=TRC.videoTagCallbacks.videoCallback1&cb=1614588950857&tagid=&cntry=DE&platform=1&sesid=38f6c6aedbeb99ce12b78a82d46ea512&itemid=/&viewid=1614588950424&geolat=&geoing=&deviceifa=&appid=&sd=v2_38f6c6aedbeb99ce12b78a82d46ea512_49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196_1614588950_1614588950_CIi3jgYQzeNHGJjvgOj-LiABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGjipqqRsq2X4nA&ri=af3d9f44d5e8c54e0ebaad391261ce93&appname=&cdb=&gdprApplies=true&rid=&sii=-5703500169402860967&oee=true&tpubid=1176013&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BE&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1211637
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210301-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a17513000ffc1257142f982f1166df0997df420ef6c593f30352e8790cd6e63

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
machineid: 1446
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19166-FRA
pragma: no-cache
server: nginx
x-timer: S1614588951.872519,VS0,VE19
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 2F00
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba865dd7-faed-4709-92c7-f124277e9717
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba865dd7-faed-4709-92c7-f124277e9717&tbid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&query=taboola_hm%3Dba865dd7-faed-...

0
68 B

26ms
24ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba865dd7-faed-4709-92c7-f124277e9717&tbid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&query=taboola_hm%3Dba865dd7-faed-4709-92c7-f124277e9717&isDirect=0
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:51 GMT
via: 1.1 varnish
server: nginx
x-timer: S1614588951.180785,VS0,VE10
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba865dd7-faed-4709-92c7-f124277e9717&tbid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&query=taboola_hm%3Dba865dd7-faed-4709-92c7-f124277e9717&isDirect=0
tbl-x-upstream: 10.41.14.127:10213
date: Mon, 01 Mar 2021 08:55:51 GMT
server: nginx
x-fastly-to-nlb-rtt: 13997

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 2F00 0
239 B 88ms
21ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 2F00
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0TW4SbcyKAg1&ev=1&orig=trc&pid=562107

0
220 B

22ms
21ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0TW4SbcyKAg1&ev=1&orig=trc&pid=562107
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Mon, 01 Mar 2021 08:55:51 GMT
server: nginx
x-fastly-to-nlb-rtt: 14013

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0TW4SbcyKAg1&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-stage-0
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 2F00 43 B
690 B 22ms
16ms Image
image/gif 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:50 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.48:80
AN-X-Request-Uuid: 37c5577e-fcc9-4141-8329-1a2de766c2df
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 2F00
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGp2Z3ptwDktjxo1dCkqqFI&google_cver=1

0
59 B

31ms
31ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGp2Z3ptwDktjxo1dCkqqFI&google_cver=1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 11
date: Mon, 01 Mar 2021 08:55:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1614588951.962169,VS0,VE11
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGp2Z3ptwDktjxo1dCkqqFI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 2F00 42 B
1009 B 313ms
20ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196:$UID
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:49 GMT
X-lat: Pug23033:0:342
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2F00
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196

170 B
213 B

16ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196
tbl-x-upstream: 10.41.34.201:10213
date: Mon, 01 Mar 2021 08:55:51 GMT
server: nginx
x-fastly-to-nlb-rtt: 13997

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 2F00
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5d95f61b-60d4-41ea-aa41-9e6595a6d883

0
205 B

25ms
25ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5d95f61b-60d4-41ea-aa41-9e6595a6d883
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 01 Mar 2021 08:55:51 GMT
via: 1.1 varnish
server: nginx
x-timer: S1614588951.057415,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5d95f61b-60d4-41ea-aa41-9e6595a6d883
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 2F00
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

16ms
16ms

Image
text/plain

216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:50 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 2F00 49 B
406 B 186ms
90ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-75d6d6d469-ttkk7
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 2F00 43 B
697 B 69ms
18ms Image
image/gif 185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&gdpr=0&gdpr_consent=
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 2F00 42 B
233 B 1299ms
93ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:52 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 200 put
e1.emxdgt.com/ Frame 2F00 43 B
124 B 1115ms
31ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:51 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2F00
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e815cb96-9857-403c-9d0e-69aed0a8fed2

0
229 B

23ms
21ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e815cb96-9857-403c-9d0e-69aed0a8fed2
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.222:10213
date: Mon, 01 Mar 2021 08:55:51 GMT
server: nginx
x-fastly-to-nlb-rtt: 19176

Redirect headers

pragma: no-cache
x-errorlevel: 0
date: Mon, 01 Mar 2021 08:55:50 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e815cb96-9857-403c-9d0e-69aed0a8fed2
cache-control: no-cache
server-processing-duration-in-ticks: 2526
content-type: text/html; charset=utf-8
content-length: 222
expires: Mon, 01 Mar 2021 00:00:00 GMT

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame 2F00
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8tAZLUOoiqBs1sbBNCNHXCPSzueVAOAizqZU1g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO8tAZLUOoiqBs1sbBNCNHXCPSzueVAOAizqZU1g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=d6f9024b-eacd-45a8-a7e7-9f726866ac43&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/5/3.gif?puid=e_87a8c9c2-3047-4a8c-afc5-2883111e9036&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGmvv6NEraXF-rTB7MH3tsM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEGmvv6NEraXF-rTB7MH3t...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=738048413311384278&opid=apx&ops=&utidl=tech:goo:CAESEGmvv6NEraXF-rTB7MH3tsM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aW...
https://id5-sync.com/qp/18.gif?puid=vec%3A11437770076&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

43 B
1 KB

12ms
8ms

Image
image/gif

51.89.21.8
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A11437770076&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.8 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p29.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 08:55:53 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A11437770076&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
date: Mon, 01 Mar 2021 08:55:54 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 2F00
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YJes34P0DVGWMsfAF6w8YA

0
220 B

21ms
20ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YJes34P0DVGWMsfAF6w8YA
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.222:10213
date: Mon, 01 Mar 2021 08:55:51 GMT
server: nginx
x-fastly-to-nlb-rtt: 17978

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YJes34P0DVGWMsfAF6w8YA
date: Mon, 01 Mar 2021 08:55:51 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 2F00 35 B
380 B 1192ms
101ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:48 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame 2F00 0
155 B 2015ms
87ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&_r=674586
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 01 Mar 2021 08:55:53 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 2F00
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola
https://x.bidswitch.net/sync?dsp_id=188&user_id=bcZ1F2vaSl5SSq_JwuX_lln5QKs&user_group=1&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0702c811-683d-4e2a-af40-e7ca3783a7bf

0
228 B

22ms
22ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0702c811-683d-4e2a-af40-e7ca3783a7bf
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Mon, 01 Mar 2021 08:55:53 GMT
server: nginx
x-fastly-to-nlb-rtt: 15384

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0702c811-683d-4e2a-af40-e7ca3783a7bf
date: Mon, 01 Mar 2021 08:55:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 5761
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba865dd7-faed-4709-92c7-f124277e9717
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba865dd7-faed-4709-92c7-f124277e9717&tbid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&query=taboola_hm%3Dba865dd7-faed-...

0
52 B

27ms
26ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba865dd7-faed-4709-92c7-f124277e9717&tbid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&query=taboola_hm%3Dba865dd7-faed-4709-92c7-f124277e9717&isDirect=0
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:51 GMT
via: 1.1 varnish
server: nginx
x-timer: S1614588951.306955,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba865dd7-faed-4709-92c7-f124277e9717&tbid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&query=taboola_hm%3Dba865dd7-faed-4709-92c7-f124277e9717&isDirect=0
tbl-x-upstream: 10.41.14.127:10213
date: Mon, 01 Mar 2021 08:55:51 GMT
server: nginx
x-fastly-to-nlb-rtt: 14013

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5761 0
239 B 21ms
21ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 5761
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=YsrTeA45D5tY&ev=1&orig=trc&pid=562107

0
219 B

21ms
20ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=YsrTeA45D5tY&ev=1&orig=trc&pid=562107
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.64:10213
date: Mon, 01 Mar 2021 08:55:51 GMT
server: nginx
x-fastly-to-nlb-rtt: 14013

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=YsrTeA45D5tY&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-75d6d6d469-ttkk7
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 5761 43 B
690 B 17ms
16ms Image
image/gif 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:51 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.54:80
AN-X-Request-Uuid: 3d72b723-3d50-4af0-9842-4105d6389165
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 5761
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGp2Z3ptwDktjxo1dCkqqFI&google_cver=1

0
79 B

24ms
24ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGp2Z3ptwDktjxo1dCkqqFI&google_cver=1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 01 Mar 2021 08:55:51 GMT
via: 1.1 varnish
server: nginx
x-timer: S1614588951.303811,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGp2Z3ptwDktjxo1dCkqqFI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 5761 42 B
1009 B 21ms
20ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196:$UID
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:50 GMT
X-lat: Pug23043:0:543
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5761
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196

170 B
198 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196
tbl-x-upstream: 10.41.34.222:10213
date: Mon, 01 Mar 2021 08:55:51 GMT
server: nginx
x-fastly-to-nlb-rtt: 14013

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 5761
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5d95f61b-60d4-41ea-aa41-9e6595a6d883

0
55 B

25ms
24ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5d95f61b-60d4-41ea-aa41-9e6595a6d883
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 01 Mar 2021 08:55:51 GMT
via: 1.1 varnish
server: nginx
x-timer: S1614588951.394967,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19166-FRA

Redirect headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:51 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5d95f61b-60d4-41ea-aa41-9e6595a6d883
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1 200
OK merge
ce.lijit.com/ Frame 5761 43 B
687 B 17ms
16ms Image
image/gif 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:51 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame 5761 49 B
333 B 89ms
88ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-75d6d6d469-ttkk7
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 5761 43 B
438 B 19ms
19ms Image
image/gif 185.86.139.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&gdpr=0&gdpr_consent=
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:50 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 5761 42 B
233 B 1026ms
95ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=281&r=%2F%2Fsync.taboola.com%2Fsg%2Fadkernelrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%7BUID%7D
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:52 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 200 put
e1.emxdgt.com/ Frame 5761 43 B
75 B 755ms
31ms Image
image/gif 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:51 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 5761
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e815cb96-9857-403c-9d0e-69aed0a8fed2

0
228 B

24ms
20ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e815cb96-9857-403c-9d0e-69aed0a8fed2
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.64:10213
date: Mon, 01 Mar 2021 08:55:51 GMT
server: nginx
x-fastly-to-nlb-rtt: 18543

Redirect headers

pragma: no-cache
x-errorlevel: 0
date: Mon, 01 Mar 2021 08:55:50 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=e815cb96-9857-403c-9d0e-69aed0a8fed2
cache-control: no-cache
server-processing-duration-in-ticks: 4337
content-type: text/html; charset=utf-8
content-length: 222
expires: Mon, 01 Mar 2021 00:00:00 GMT

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame 5761
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOw_dUwc29g6pzPK-iVWlFo0zw7VMc0ZcdNsy2_A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOw_dUwc29g6pzPK-iVWlFo0zw7VMc0ZcdNsy2_A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=d6f9024b-eacd-45a8-a7e7-9f726866ac43&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
https://id5-sync.com/c/464/441/5/3.gif?puid=e_71c933e3-982b-45b3-85b1-4a67705cbde1&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEGmvv6NEraXF-rTB7MH3tsM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=738048413311384278&opid=apx&ops=&utidl=tech:goo:CAESEGmvv6NEraXF-rTB7MH3tsM&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aW...
https://id5-sync.com/qp/18.gif?puid=vec%3A11437770076&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

43 B
1 KB

15ms
15ms

Image
image/gif

51.89.21.8
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A11437770076&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.8 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p29.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 08:55:53 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A11437770076&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
date: Mon, 01 Mar 2021 08:55:54 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 5761
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=JzTvqu-qAHKGHH7wF6w8YA

0
219 B

21ms
21ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=JzTvqu-qAHKGHH7wF6w8YA
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.199:10213
date: Mon, 01 Mar 2021 08:55:51 GMT
server: nginx
x-fastly-to-nlb-rtt: 17978

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=JzTvqu-qAHKGHH7wF6w8YA
date: Mon, 01 Mar 2021 08:55:51 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 5761 35 B
380 B 491ms
99ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:48 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame 5761 0
155 B 2315ms
86ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&_r=674586
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 01 Mar 2021 08:55:54 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 5761
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola
https://x.bidswitch.net/sync?dsp_id=188&user_id=JcSpynZbQ6RAMIXM2QN8h1n5QKs&user_group=1&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0702c811-683d-4e2a-af40-e7ca3783a7bf

0
229 B

23ms
22ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0702c811-683d-4e2a-af40-e7ca3783a7bf
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.181:10213
date: Mon, 01 Mar 2021 08:55:53 GMT
server: nginx
x-fastly-to-nlb-rtt: 15384

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0702c811-683d-4e2a-af40-e7ca3783a7bf
date: Mon, 01 Mar 2021 08:55:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 ClanOT-Bold.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/fonts/ 96 KB
45 KB 15ms
14ms Font
application/octet-stream 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/fonts/ClanOT-Bold.otf
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/fontscorreio.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 7a7a28bf8c915d81305c6d44cbc36843ea3590864050bcca51f89792f74f631a

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1605032131!/fontscorreio/css/fontscorreio.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:50 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1605032131!/fontscorreio/css/fonts/ClanOT-Bold.otf
last-modified: Tue, 10 Nov 2020 18:15:33 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: application/octet-stream;charset=utf-8
v: 5
cache-control: max-age=2592000
expires: Wed, 31 Mar 2021 08:55:50 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
88 B 23ms
21ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-4083550-1&cid=1680029494.1614588950&jid=827412693&_u=YAhAAEAAAAAAAC~&z=1332164504

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-4083550-1&cid=1680029494.1614588950&jid=827412693&_u=YAhAAEAAAAAAAC~&z=1332164504

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 29ms
27ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=898700906848364&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.correiodopovo.com.br%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f5203f84a400f45e8a27b3a4f3484b55&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: pBpDbcQI3n+TEpqntkKAyV1uF+vuE1IdfOK2NmtqiblJBTt3HccrYi4oWQ1e7Vs/8qttaHRIF8ya8LpuKFVHfg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Mon, 01 Mar 2021 08:55:50 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/4fe52f49/ Frame D3A2 340 KB
51 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3343a4e8f05ab408911f4ea5f601801208a10a7d01f3a40a65bf4c6ec3900f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 16:31:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 59033
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52149
x-xss-protection: 0
expires: Mon, 28 Feb 2022 16:31:57 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/ Frame D3A2 157 KB
57 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b15819c89eec43f6a9f25d77a37dc02960dad46caa0dabe10699df1fccf45101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 20:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 46513
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58416
x-xss-protection: 0
expires: Mon, 28 Feb 2022 20:00:37 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame D3A2 2 MB
502 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0080cb454fdee548ddf7fe5a570ec35de96ae2b2b1d5af2e178c0a717a35c423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 12:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 72511
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 513497
x-xss-protection: 0
expires: Mon, 28 Feb 2022 12:47:19 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/ Frame D3A2 8 KB
3 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 70065
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Mon, 28 Feb 2022 13:28:05 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D3A2 10 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:39:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 180962
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Sun, 27 Feb 2022 06:39:48 GMT

GET
H/1.1 200
OK ac Show response
www5.smartadserver.com/ 8 KB
3 KB 200ms
199ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=59524&async=1&visit=s&tmstp=6343376758&tag=sas_59524&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 4d970a1805789b99fad19755ca07365f350ecffd01da4238232cace06d823958

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:51 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b25%3b83
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 9122923
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK ac Show response
www5.smartadserver.com/ 10 KB
4 KB 211ms
210ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=68987&async=1&visit=s&tmstp=6343376758&tag=sas_68987&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: b1ff8f8f172f87363b78a31304102bfeeef70c50322d7c372e637acbbc3d36f8

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b5%3b68
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 9122927
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H2 204 social
trc-events.taboola.com/correiodopovo/log/3/ 0
409 B 28ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/correiodopovo/log/3/social?route=AM:AM:V&tvi2=4680&lti=deflated&ri=f533ac1384d9523ca0c410680a1aab24&sd=v2_38f6c6aedbeb99ce12b78a82d46ea512_49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196_1614588950_1614588950_CIi3jgYQzeNHGJjvgOj-LiABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGjipqqRsq2X4nA&ui=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196&pi=/&wi=-5703500169402860967&pt=home&vi=1614588950424&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Correio%20do%20Povo%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=09%3A55%3A50.897&id=5802&llvl=1&cv=20210301-2-RELEASE&
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:52 GMT
server: nginx
x-fastly-to-nlb-rtt: 17048
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.22.84:10213

GET
H/1.1 200
OK ac Show response
www5.smartadserver.com/ 22 B
349 B 203ms
202ms Script
application/javascript 199.187.193.130
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=75721&async=1&visit=s&tmstp=6343376758&tag=sas_75721&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.130 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: a3c33c7b5803c16252a349b24b1e736c922b0cbe23196c0016428847d7901b25

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:51 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 5%3b25%3b75
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H3-Q050 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 256A 156 B
266 B 7ms
6ms Image
image/png 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 19:41:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 306862
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
expires: Fri, 25 Feb 2022 19:41:28 GMT

GET
H2 200 fdb08d4a383b40c8d2cda02ee393b4cc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 31 KB
32 KB 17ms
15ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdb08d4a383b40c8d2cda02ee393b4cc.jpg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e7243ddad7a39a8b2b93ffe14e757d6462755f226f7e14cd3fad7f4e17ed5a47

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 01 Mar 2021 08:55:52 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2173645
edge-cache-tag: 509801060691059460864773281388984800987,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Sun, 21 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdb08d4a383b40c8d2cda02ee393b4cc.jpg
content-length: 31922
x-served-by: cache-dca17768-DCA, cache-dca17728-DCA, cache-fra19166-FRA
last-modified: Thu, 21 Jan 2021 05:53:28 GMT
server: cloudinary
x-timer: S1614588952.493699,VS0,VE1
etag: "de1b4fedf8acd2e19fbe1c804786c9d0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 410f81c3845297518923b2f4d311c703.jpg
images.taboola.com/taboola/image/fetch/h_284,w_340,c_fill,g_xy_center,x_715,y_339/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 40 KB
41 KB 17ms
17ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_284,w_340,c_fill,g_xy_center,x_715,y_339/http%3A//cdn.taboola.com/libtrc/static/thumbnails/410f81c3845297518923b2f4d311c703.jpg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 81a4a1553df86f5d01dd2d2200ff1ce14a748c0357dc8ef0a8677ae5322d5d4c

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 01 Mar 2021 08:55:52 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 269859
edge-cache-tag: 337753305072388312207019959414166135017,301438438428241384575319811569115813904,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Thu, 18 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_284,w_340,c_fill,g_xy_center,x_715,y_339/http%3A//cdn.taboola.com/libtrc/static/thumbnails/410f81c3845297518923b2f4d311c703.jpg
content-length: 41375
x-served-by: cache-dca17764-DCA, cache-dca17749-DCA, cache-fra19166-FRA
last-modified: Mon, 15 Feb 2021 05:37:59 GMT
server: cloudinary
x-timer: S1614588953.513564,VS0,VE1
etag: "62c421d3b859ac6806bc34c1817909f2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 6e3dad1a203a6737f74f2da53bf9e379.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 15ms
15ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e3dad1a203a6737f74f2da53bf9e379.jpg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2e9c8f1ed25b401ffb5f67f569276b2ec824dc031451932b7a8ab96768d77136

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 01 Mar 2021 08:55:52 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2243264
edge-cache-tag: 374660180527999823674256892735830633021,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e3dad1a203a6737f74f2da53bf9e379.jpg
content-length: 17610
x-request-id: 6148ce1950befe9088f9eb711adbdff6
x-served-by: cache-dca17759-DCA, cache-dca17759-DCA, cache-fra19166-FRA
last-modified: Tue, 02 Feb 2021 18:27:44 GMT
server: cloudinary
x-timer: S1614588953.519893,VS0,VE1
etag: "9804bd5d26368c0f8937a7a5864ae30a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 21, 1

GET
H2 200 80ebae7de5cd4dd5f336c2f56096104a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
20 KB 15ms
15ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/80ebae7de5cd4dd5f336c2f56096104a.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 8e44ff057f4cc8f34d60db6e9562ce8d70cdb38bd3ad1f278cdcca1f25137fed

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 01 Mar 2021 08:55:52 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 582767
edge-cache-tag: 466681545410666589153327683275004794293,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Thu, 04 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/80ebae7de5cd4dd5f336c2f56096104a.png
content-length: 19965
x-served-by: cache-dca17745-DCA, cache-dca17768-DCA, cache-fra19166-FRA
last-modified: Mon, 01 Feb 2021 01:41:01 GMT
server: cloudinary
x-timer: S1614588953.533113,VS0,VE1
etag: "3df6aa77e11a26a1cbf9977c38f1dfa2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 7234ea1ff53fdcdb8eb9e0517d9451b2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 90 KB
90 KB 15ms
15ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7234ea1ff53fdcdb8eb9e0517d9451b2.jpg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: fbf9033c85b0f279f7f15449de61865e68ac92e2e1642ffd56188f959c002131

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 01 Mar 2021 08:55:52 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1869036
edge-cache-tag: 533414635906324615643270993634715674247,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
expiration: expiry-date="Wed, 03 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7234ea1ff53fdcdb8eb9e0517d9451b2.jpg
content-length: 92061
x-served-by: cache-dca17728-DCA, cache-dca17759-DCA, cache-fra19166-FRA
last-modified: Sun, 31 Jan 2021 06:12:01 GMT
server: cloudinary
x-timer: S1614588953.537793,VS0,VE1
etag: "c3a579e40b44aecff47f1b464d96f009"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/ Frame 256A 119 KB
40 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65e003f93a6943457ff1ad2cfee592e49bc0d598ee6ebf70432ec6cad2fd3ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 05:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 20:08:03 GMT
server: sffe
age: 13600
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40881
x-xss-protection: 0
expires: Tue, 01 Mar 2022 05:09:10 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
637 B 7ms
7ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 4896
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn11570-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1614588951.995966,VS0,VE0
date: Mon, 01 Mar 2021 08:55:50 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 77
x-cache-hits: 8276

GET
H/1.1 200
OK / Show response
msgws.webspectator.com/server/ssl/2.1/ 67 B
248 B 412ms
99ms Script
text/javascript 34.234.140.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://msgws.webspectator.com/server/ssl/2.1/?guid=ea9d0989-9f5f-d865-0af8-4d71e2e4d400&appkey=w5tlOg
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.140.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: 4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 01 Mar 2021 08:55:52 GMT
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 15 KB
7 KB 1175ms
113ms XHR
application/json 13.225.78.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=870&wid=3680&cb=9013.017653458215&pid=2617&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&isab=0
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/3680.js?pid=2617
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-37.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: f215b0ec7bce144052f3f5030bb9fd2af2bbea89036b8dd2bf9dc77d2cd26c3f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-allow-credentials: true
x-amz-cf-id: QTxaVHljRfSewrM2oJGVye3BXMbqUUoPDWW2__jUWvOloiX_9xVmmQ==
via: 1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)

GET
H2 200 UnitSliderDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.3.2/ 91 KB
27 KB 12ms
10ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.3.2/UnitSliderDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210301-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63ad4a549b2f0c41b83bdc668632a12d54f5b2d349a9dcbc6fcef18ad24f6a49

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront), 1.1 varnish
age: 526204
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 26675
x-served-by: cache-hhn11570-HHN
last-modified: Tue, 23 Feb 2021 06:45:16 GMT
server: AmazonS3
x-timer: S1614588953.558185,VS0,VE0
etag: "03e7b4553d76f5a5ddb9bf1653b880c7"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: dYKVpQdd7LRHRW09iEw8ETtJTBbXfy3yiZcuiQ2rdv4mC0LJ_hxKmQ==
x-cache-hits: 27590

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C0AC
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

291 B
559 B

27ms
8ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Requested by: Host: www5.smartadserver.com
URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=53988&async=1&visit=s&tmstp=6343376758&tag=sas_53988&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.correiodopovo.com.br/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Mon, 01 Mar 2021 08:55:52 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Date: Mon, 01 Mar 2021 08:55:52 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ 29 KB
10 KB 85ms
21ms Script
application/x-javascript 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: www5.smartadserver.com
URL: https://www5.smartadserver.com/ac?nwid=1320&siteid=71754&pgid=541023&fmtid=53988&async=1&visit=s&tmstp=6343376758&tag=sas_53988&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fwww.correiodopovo.com.br%2F&noadcbk=sas.noad&isLazy=0&isAdRefresh=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FA8) /
Resource Hash: e61ae26ba2afb1ee3bfaff01839ac4f928bfdb15c28cf5d6bf2f0545cfed54d0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
last-modified: Mon, 15 Feb 2021 08:03:55 GMT
server: ECS (pab/6FA8)
age: 64369
etag: "38db4ee96478466f602c95eece02142a:1613376403.584664"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9940

GET
H3-Q050 200 iframe Show response
accounts.google.com/o/oauth2/ Frame C1CB 514 B
815 B 44ms
29ms Document
text/html 2a00:1450:4001:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=auth/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2da2b05087bf988330fe9fb23323a1bca6fb7a8dfe0a956eabda25bb544bb66d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YD1+sJgrryMiDRq1zavWZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=210=fBHX8alaH72GC7-moFeuTcAeoBj43iAz9B7KzcgpZH-Ab4H5crxsofUBtwOORaEzlpLNEPwLrT8u_HVcevYyD4DeohbH_CcDjdLmegRlltrIjK-dI7iLlQ8P9H1tILClp-7stlpIlQPlPMFuIVpUYSHPuCRGBqSBJEiGndNEA6s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 01 Mar 2021 08:55:51 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-YD1+sJgrryMiDRq1zavWZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 76CF 183 B
239 B 127ms
126ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=9668b2a9f23df379db5049e7c9043984b0f142ec

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-response-time: 112
date: Mon, 01 Mar 2021 08:55:51 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 08:55:51 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 7d9352d34ebee902dccfe5de8365ea5d
strict-transport-security: max-age=631138519
content-length: 152

GET
H3-Q050 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame D3A2 113 B
282 B 39ms
39ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4afb080e97e9bbe34f12974c3eaa56a426c127baf5fd1664558cb185898de9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D3A2 29 B
91 B 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:41:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 834
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:56:57 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame D3A2 96 KB
32 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64620c4b38f39b52be7567a111c31cb9a516e243c6b689564e73103c69d3c2b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 05:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 98557
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32547
x-xss-protection: 0
expires: Mon, 28 Feb 2022 05:33:14 GMT

GET
H2 200 LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js Show response
www.google.com/js/bg/ Frame D3A2 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 12:25:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 246651
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6256
x-xss-protection: 0
expires: Sat, 26 Feb 2022 12:25:00 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame D3A2 29 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d619e1addf6b5ae77461e2ca5337064f47894441b8df71be6ad8fd5288a1aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 01:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 01:23:32 GMT
server: sffe
age: 26656
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9681
x-xss-protection: 0
expires: Tue, 01 Mar 2022 01:31:35 GMT

GET
H/1.1 200
OK 16145679673981_normal.jpg
digital2.correiodopovo.com.br/files/flip/CPOVO/9894/up/ Frame 417C 183 KB
184 KB 379ms
99ms Image
image/jpeg 3.232.160.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digital2.correiodopovo.com.br/files/flip/CPOVO/9894/up/16145679673981_normal.jpg
Requested by: Host: portal.correiodopovo.com.br
URL: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.160.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 0453a1fc478b00f3c766bc8d4ece333d513f7cc5bdc648658383c71546c96486

Request headers

Referer: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Mon, 01 Mar 2021 08:55:51 GMT
Last-Modified: Mon, 01 Mar 2021 04:08:37 GMT
Server: Apache-Coyote/1.1
ETag: 16145679673981_normal.jpg_187829_1614571717000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public; max-age=31536000
Content-Disposition: inline; filename=16145679673981_normal.jpg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 187829
Expires: Thu, 18 Mar 2021 09:36:20 GMT

GET
DATA 200
OK truncated
/ Frame D3A2 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnhPjf2CY-hOrlkq3KThxuXfnmURz9WT9cYC9Vc8iQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D3A2 2 KB
2 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnhPjf2CY-hOrlkq3KThxuXfnmURz9WT9cYC9Vc8iQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b5b1f8c0ce1ab29cca4050e19cdb04030d00671931d88126bc8f9c4ebb492aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 07:11:40 GMT
x-content-type-options: nosniff
age: 6251
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2270
x-xss-protection: 0
server: fife
etag: "v9f7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Mar 2021 07:11:40 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/KK4rspjgTu8/ Frame D3A2 41 KB
42 KB 36ms
15ms Image
image/webp 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/KK4rspjgTu8/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd834d51a954cfffa35f60c5d3271d93569b5e6dd30fe43b1442ced564e8cb47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:51 GMT
x-content-type-options: nosniff
server: sffe
etag: "1614542376"
vary: Origin
content-type: image/webp
cache-control: public, max-age=300
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42378
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:00:51 GMT

GET
H2 200 api.gif
v3.denakop.com/ 0
310 B 435ms
435ms Image
image/gif 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=macOS&u=U9FtvOI0Skyi3yriMwYe%2Fg%2F0&v=5.0.0&sw=1600&sh=1200&ac=a&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1614588951270&cb=0.658526871016365

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:51 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 088e9952e900002bf689881000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 62912b317ca22bf6-FRA
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 43ms
29ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 43ms
29ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 151 KB
18 KB 439ms
439ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2731616042898406&correlator=3013127891517109&output=ldjh&impl=fifs&eid=21069918%2C31060169%2C31060299&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210301&iu_parts=21715141650%2Cdesktop_scroll%2Cdesktop_under&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%7Cdk_refresh%3Dtrue%26index%3D2%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F&cookie=ID%3D9ddf4375fc8b09b9-22aa87b0a0ba00b2%3AT%3D1614588950%3ART%3D1614588950%3AS%3DALNI_MbBUkRdpUxGqUuUghaa82khsN7L8A&bc=31&abxe=1&lmt=1614588951&dt=1614588951278&dlt=1614588949448&idt=505&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C315%2C315&adys=7060%2C8809%2C0&adks=1038036820%2C1038036821%2C1540246807&ucis=1%7C2%7C3&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C1600x-1%7C970x-1&msz=1600x-1%7C1600x-1%7C970x-1&ga_vid=1680029494.1614588950&ga_sid=1614588950&ga_hid=86977403&fws=4%2C4%2C516&ohw=1600%2C1600%2C1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65fc090e7549ce2dcb682ae55a4b7127a07b93876c074b9131e4e34b828d8c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c16a99a62ef593cfd8d8255dd040518c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 51ms
16ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c16a99a62ef593cfd8d8255dd040518c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 api.gif
v3.denakop.com/ 0
68 B 450ms
450ms Image
image/gif 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=macOS&u=U9FtvOI0Skyi3yriMwYe%2Fg%2F0&v=5.0.0&sw=1600&sh=1200&ac=a2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1614588951284&cb=0.6623478068180311

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:51 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 088e9952f600002bf675bce000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 62912b318cbb2bf6-FRA
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 api.gif
v3.denakop.com/ 0
68 B 436ms
434ms Image
image/gif 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=macOS&u=U9FtvOI0Skyi3yriMwYe%2Fg%2F0&v=5.0.0&sw=1600&sh=1200&ac=a&aa=under&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1614588951285&cb=0.07473083206165976

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:51 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 088e9952f700002bf6688d3000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 62912b318cc22bf6-FRA
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3-Q050 200 3521791074-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame C1CB 73 KB
24 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/3521791074-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d50c0e118c13459c52e116eaecf03ed1de516a1f01dbc0b1eb3a025e9f89495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 02:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 03:27:24 GMT
server: sffe
age: 368528
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24621
x-xss-protection: 0
expires: Fri, 25 Feb 2022 02:33:43 GMT

GET
H3-Q050 200 cb=gapi.loaded_3 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=gapi_iframes_style_bubble/exm=auth,client,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/ 27 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=gapi_iframes_style_bubble/exm=auth,client,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_3

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e41d66da06e93ede378f82f3513d41c2f1163531b6f795845b4726be161ba9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 07:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 20:08:03 GMT
server: sffe
age: 179748
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9287
x-xss-protection: 0
expires: Sun, 27 Feb 2022 07:00:03 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D3A2 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:51 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame D3A2 0
38 B 6ms
6ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?-xzoBA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/KK4rspjgTu8?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:51 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 200 subscribe_embed Show response
www.youtube.com/ Frame 072F 601 B
331 B 28ms
27ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=auth/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89a522c01101c4d9567f0b2c499ea22be4d1deb232150264f42c755e3c736bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=LXbq4QyOzA8; VISITOR_INFO1_LIVE=S37VkSzVLf4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 01 Mar 2021 08:55:51 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+671; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
152 B 8ms
7ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 02:33:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 368520
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 25 Feb 2022 02:33:51 GMT

GET
H3-Q050 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
117 B 8ms
7ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 05:52:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 270205
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 26 Feb 2022 05:52:26 GMT

GET
H3-Q050 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
397 B 9ms
7ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 21:33:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 386544
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
expires: Thu, 24 Feb 2022 21:33:27 GMT

GET
H3-Q050 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
202 B 9ms
7ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 11:09:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 510377
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
expires: Wed, 23 Feb 2022 11:09:34 GMT

GET
H3-Q050 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
195 B 9ms
7ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 10:51:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 165871
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Sun, 27 Feb 2022 10:51:20 GMT

GET
H3-Q050 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame C1CB 15 B
122 B 18ms
18ms XHR
application/json 2a00:1450:4001:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.correiodopovo.com.br&client_id=172526348210-or5nfffa5l6rbsvruouad2070j7ngoec.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/3521791074-idpiframe.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Mon, 01 Mar 2021 08:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:55:51 GMT

GET
H3-Q050 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 072F 9 KB
3 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 03:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
age: 363616
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
expires: Fri, 25 Feb 2022 03:55:35 GMT

GET
H3-Q050 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 072F 149 KB
44 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 10:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
age: 167972
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
expires: Sun, 27 Feb 2022 10:16:19 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/ Frame 072F 119 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.3k1wIje1lec.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65e003f93a6943457ff1ad2cfee592e49bc0d598ee6ebf70432ec6cad2fd3ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.3k1wIje1lec.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCNT4ir0QEJ6sXXAMZvqjav9vQSaLw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 05:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 20:08:03 GMT
server: sffe
age: 13601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40881
x-xss-protection: 0
expires: Tue, 01 Mar 2022 05:09:10 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/042011302221000/ Frame EC99 186 KB
53 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9503111432bbaa37cfef271c29162ec7a0ca26fb07805ce56f3697edf4f8d164

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15039
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53299
x-xss-protection: 0
server: sffe
date: Mon, 01 Mar 2021 04:45:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c4085b5c4f53ae82"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Mar 2022 04:45:12 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame EC99 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc1a4a6e75717031513499092fb0fcb294e4aaafd5aaf8c43094cf0dbea6a700

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 340420
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4856
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 10:22:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "18244ed4b9b02b90"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 10:22:12 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame EC99 90 KB
27 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63d4cb802bba4faca9ccb1a8a9296b4174ca138667ef2dd5795661c91787581c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 180087
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27558
x-xss-protection: 0
server: sffe
date: Sat, 27 Feb 2021 06:54:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3857c20c40bb64cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 06:54:25 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame EC99 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5584d653470428a28ddf731d9fbc5bb6d71642b0b2d1a036db823371234cd7cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 249178
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1347
x-xss-protection: 0
server: sffe
date: Fri, 26 Feb 2021 11:42:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "69b40b1afa9e263a"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 11:42:54 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame EC99 41 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a91569c88e09fb8ddfc1a433193dac8da4848c52577a0f5e424064eba88a7e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154948
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12907
x-xss-protection: 0
server: sffe
date: Sat, 27 Feb 2021 13:53:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "87997b58d02876cb"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 13:53:24 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame EC99 3 KB
1023 B 41ms
27ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 06:59:21 GMT
server: ESF
date: Mon, 01 Mar 2021 08:55:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 08:55:51 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16712137192714467582/ Frame EC99 36 KB
36 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16712137192714467582/downsize_200k_v1?w=600&h=314

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

774baa9745674ec13d5aba5ce78889489351a088b706f8a18bab4a13356c33c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 13:55:06 GMT
x-content-type-options: nosniff
age: 500445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36419
x-xss-protection: 0
last-modified: Tue, 10 Mar 2020 14:56:45 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 13:55:06 GMT

GET
DATA 200
OK truncated
/ Frame EC99 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EC99 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8385ad1e552f4d748f438cb50433deb79128ef85b08d45099daf7811f5cceba8

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EC99 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 19:41:37 GMT
x-content-type-options: nosniff
server: cafe
age: 47654
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Mon, 01 Mar 2021 19:41:37 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EC99 344 B
466 B 8ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 09:05:20 GMT
x-content-type-options: nosniff
server: cafe
age: 85831
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:05:20 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame EC99 0
0 15ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQS3E7VTwHcvZJz5HjDz4wTNeDK6_z6yfhvRxC4WniaoDPoKYtIQy42TIbDvheuN0hDzZve-09oaCKViM4AJ8XP45r-2A
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EC99 0
0 44ms
43ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CG0LYF6w8YIqPFJiu7_UPhPOBoAibsrGLYYmH7-OrDKm_woSKGxABIKrTjGhglfrwgYwHoAH02syZA8gBCakCHs_zo0dBtD7gAgCoAwHIAwqqBOUBT9CMn9h7fdlOlaVYiPPYVcxEaKLlAJ6658a8dNgl-aSi4eWQqw8eUsc6MhfH4ujBOS1cDxSCZyodMAzy8lm2Y_JscrcYMrJbetLfo-ZmGZMv2jl8cJ09YVkLu7I1CpqO9NumoyE6EBTmagFdD4uLJnzBez_t9g6pDK3XBJbzLFapJOumO2gTIYHSH5pVmwWSw09IOaydMn6SxIUJYRj-ZWpCXwW0UlcL_FIT_LPb_5Iedrl3iYX3F85f-WEFoQd6-JtD2lPTygRRp3ItYIeqspiKBj1qRY0CfNvlOCth2WpgmSypy8AE_f6_iIkD4AQBkgUECAQYAZIFBAgFGASgBi6AB_Sks2aoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQwPAG0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02MjAzNDE5OTUxNDMxOTEygAoDyAsB2BMMiBQDshcaChgIABIUcHViLTgxNzA5NjY1MzgxNTI1NDM&sigh=LgNDX1Ziv5k&template_id=5000&tpd=AGWhJmt_5tZTQwiHRo4-ZbeGlEscV0CeNRUanVK_yWe50UkRjg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/042011302221000/ Frame 4C1C 186 KB
52 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9503111432bbaa37cfef271c29162ec7a0ca26fb07805ce56f3697edf4f8d164

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15039
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53299
x-xss-protection: 0
server: sffe
date: Mon, 01 Mar 2021 04:45:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c4085b5c4f53ae82"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Mar 2022 04:45:12 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame 4C1C 13 KB
5 KB 52ms
38ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc1a4a6e75717031513499092fb0fcb294e4aaafd5aaf8c43094cf0dbea6a700

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 340419
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4856
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 10:22:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "18244ed4b9b02b90"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 10:22:12 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame 4C1C 90 KB
27 KB 49ms
35ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63d4cb802bba4faca9ccb1a8a9296b4174ca138667ef2dd5795661c91787581c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 180086
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27558
x-xss-protection: 0
server: sffe
date: Sat, 27 Feb 2021 06:54:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3857c20c40bb64cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 06:54:25 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame 4C1C 3 KB
1 KB 52ms
38ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5584d653470428a28ddf731d9fbc5bb6d71642b0b2d1a036db823371234cd7cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 249177
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1347
x-xss-protection: 0
server: sffe
date: Fri, 26 Feb 2021 11:42:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "69b40b1afa9e263a"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 11:42:54 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame 4C1C 41 KB
13 KB 53ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a91569c88e09fb8ddfc1a433193dac8da4848c52577a0f5e424064eba88a7e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154947
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12907
x-xss-protection: 0
server: sffe
date: Sat, 27 Feb 2021 13:53:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "87997b58d02876cb"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 13:53:24 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 4C1C 3 KB
607 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 08:34:05 GMT
server: ESF
date: Mon, 01 Mar 2021 08:55:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 08:55:51 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4C1C 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 19:41:37 GMT
x-content-type-options: nosniff
server: cafe
age: 47654
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Mon, 01 Mar 2021 19:41:37 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4C1C 344 B
369 B 9ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 09:05:20 GMT
x-content-type-options: nosniff
server: cafe
age: 85831
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:05:20 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16712137192714467582/ Frame 4C1C 36 KB
36 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16712137192714467582/downsize_200k_v1?w=600&h=314

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

774baa9745674ec13d5aba5ce78889489351a088b706f8a18bab4a13356c33c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 13:55:06 GMT
x-content-type-options: nosniff
age: 500445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36419
x-xss-protection: 0
last-modified: Tue, 10 Mar 2020 14:56:45 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 13:55:06 GMT

GET
DATA 200
OK truncated
/ Frame 4C1C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4C1C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 847b27acbe1fcd505c165d032c8522fab550896f5e071f3fe379438397b847fc

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/042011302221000/ Frame EAB0 186 KB
53 KB 30ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9503111432bbaa37cfef271c29162ec7a0ca26fb07805ce56f3697edf4f8d164

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15039
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53299
x-xss-protection: 0
server: sffe
date: Mon, 01 Mar 2021 04:45:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c4085b5c4f53ae82"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Mar 2022 04:45:12 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame EAB0 13 KB
5 KB 47ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc1a4a6e75717031513499092fb0fcb294e4aaafd5aaf8c43094cf0dbea6a700

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 340419
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4856
x-xss-protection: 0
server: sffe
date: Thu, 25 Feb 2021 10:22:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "18244ed4b9b02b90"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 10:22:12 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame EAB0 90 KB
27 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63d4cb802bba4faca9ccb1a8a9296b4174ca138667ef2dd5795661c91787581c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 180086
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27558
x-xss-protection: 0
server: sffe
date: Sat, 27 Feb 2021 06:54:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3857c20c40bb64cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 06:54:25 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame EAB0 3 KB
2 KB 40ms
34ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5584d653470428a28ddf731d9fbc5bb6d71642b0b2d1a036db823371234cd7cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 249177
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1347
x-xss-protection: 0
server: sffe
date: Fri, 26 Feb 2021 11:42:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "69b40b1afa9e263a"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 11:42:54 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/042011302221000/v0/ Frame EAB0 41 KB
13 KB 42ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/042011302221000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a91569c88e09fb8ddfc1a433193dac8da4848c52577a0f5e424064eba88a7e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 154947
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12907
x-xss-protection: 0
server: sffe
date: Sat, 27 Feb 2021 13:53:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "87997b58d02876cb"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 13:53:24 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame EAB0 4 KB
651 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 08:06:02 GMT
server: ESF
date: Mon, 01 Mar 2021 08:55:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 08:55:51 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EAB0 3 KB
3 KB 35ms
20ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 19:41:37 GMT
x-content-type-options: nosniff
server: cafe
age: 47654
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Mon, 01 Mar 2021 19:41:37 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EAB0 344 B
439 B 35ms
20ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js?31060299

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 09:05:20 GMT
x-content-type-options: nosniff
server: cafe
age: 85831
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:05:20 GMT

GET
DATA 200
OK truncated
/ Frame EAB0 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a5af4f4f0c57cac80887e9dfa56f079ac0e85c2f81c5b9ef121ad7bb713abac

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 4C1C 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbt8Ba3sybW-qU1e5MPS7Q2CtzYoIbX-gQXkTVe7NJPDd_fIl9vKWWy0RcBbY-BbuNpp8b_QL40LTP8vzpbKX6dOE-RA
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4C1C 0
0 44ms
43ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CR3_1F6w8YIuPFJiu7_UPhPOBoAibsrGLYYmH7-OrDKm_woSKGxABIKrTjGhglfrwgYwHoAH02syZA8gBCakCHs_zo0dBtD7gAgCoAwHIAwqqBOgBT9AocfKp05gLLUqCEYLj7UsKtTZeVm-NMbhoUBzbthhjE5qj-PmMxfiUcibsKkYscHj76roj-ZSVMVt-iDb0TggUgd-3808DIN7mvLJC-MOuIVtQ4DRq3hpR1i5BD7kMt2w31AX91E0mKXZXO0IBww1mCR19gshFXbQpjrmqSJMvdedy-x0PCO4nENW6pMV1fDnPR77RLsh5z3Pkuw-KAjN-k4jEURTOCPzsTq3g-wSKKyr3nOWW9uuZM--buEm9-0g7UVwHdAqXaZ3HEeBFqCpp5n7kw1dbdAclRacRlyZ9GKXZzAAuPcAE_f6_iIkD4AQBkgUECAQYAZIFBAgFGASgBi6AB_Sks2aoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ-bsE0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02MjAzNDE5OTUxNDMxOTEygAoDyAsB2BMMiBQDshcaChgIABIUcHViLTgxNzA5NjY1MzgxNTI1NDM&sigh=v4RZ5sF5PVM&template_id=5000&tpd=AGWhJmsZRgf9g0Em2QXdT7IRNk8ZiyGf0LNcBvAgZGtogc1DuA
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame EAB0 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMAIQQM2UhRwfEQp41dejbtsTussoxINgOBMI4YbQRyufaXGF_jpRfrzWwgG2QOumAQgSPo9sTcCuVDUEXZ0_eGlQBzw
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EAB0 0
0 44ms
43ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cfw_yF6w8YIyPFJiu7_UPhPOBoAjLxvOlYMLuzqawC9zZHhABIKrTjGhglfrwgYwHoAGwi8nnAsgBAakCGcWnLIdGlD7gAgCoAwHIAwqqBOgBT9B6fljTv4m4RgD8ruEjC0kpyVEF8HMQGt1QbYz9Ue8PsGlX9y3ChEaS-jPYSM1tgrKJt1Uw3l8jo_MYLJ_DEYmbH4TfAjVBdEKLOEAkydnr09VgCecK4ZlUtAh8HXabbx98XuvVaY5iCIC1az_dXxSd35tnO44iO2et4OMVFQeJpir1RBjf9Of7O2RdQNjGeiyZcTQCzNNdi1F8i7d2-IimdllRrL4veZX3xEhI5fegmdjIu3q_tbt66XAl9KiTXkV25sxI-k-IcSa0ZcNnvCEUYQONIDe2qRSmjlYodlcqSqVrHdfF98AEu-6w2vsC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBlGAB7j0tpgBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJvbAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNjIwMzQxOTk1MTQzMTkxMoAKA8gLAdgTAogUArIXGgoYCAASFHB1Yi04MTcwOTY2NTM4MTUyNTQz&sigh=-EuDzGnAhvU&tpd=AGWhJmswEVCWBRoSPG7ezcofQXS7u3W_I6qERnSrS_U8GoGGjw
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame EC99 14 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:32:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 181417
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Sun, 27 Feb 2022 06:32:14 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame EC99 14 KB
14 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 15:30:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 62697
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Mon, 28 Feb 2022 15:30:54 GMT

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 4C1C 14 KB
14 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:32:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 181417
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Sun, 27 Feb 2022 06:32:14 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 4C1C 14 KB
14 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 15:30:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 62697
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Mon, 28 Feb 2022 15:30:54 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame EAB0 11 KB
11 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 10:19:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 254205
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 26 Feb 2022 10:19:06 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame EAB0 11 KB
11 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 277033
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 03:58:38 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame EAB0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Mon, 01 Mar 2021 08:55:51 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

POST
H2 204 bulk Show response
trc.taboola.com/correiodopovo/log/3/ 0
72 B 28ms
28ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/correiodopovo/log/3/bulk?tvi2=4680&route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210301-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 01 Mar 2021 08:55:51 GMT
via: 1.1 varnish
server: nginx
x-timer: S1614588952.940176,VS0,VE9
x-served-by: cache-fra19166-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EAB0 3 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042011302221000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 19:41:37 GMT
x-content-type-options: nosniff
server: cafe
age: 47654
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Mon, 01 Mar 2021 19:41:37 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EAB0 344 B
369 B 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042011302221000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 09:05:20 GMT
x-content-type-options: nosniff
server: cafe
age: 85831
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:05:20 GMT

GET
H3-Q050 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4C1C 3 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042011302221000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 19:41:37 GMT
x-content-type-options: nosniff
server: cafe
age: 47654
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Mon, 01 Mar 2021 19:41:37 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4C1C 344 B
369 B 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/042011302221000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 09:05:20 GMT
x-content-type-options: nosniff
server: cafe
age: 85831
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 01 Mar 2021 09:05:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C0AC 31 KB
10 KB 27ms
27ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c2190bad56ab8a5460639bdb15f0639451d8feec9ddfbff2c6a7b5bf8fb27d95

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 08:55:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=69302
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9307
Expires: Tue, 02 Mar 2021 04:10:54 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C0AC 284 B
536 B 356ms
29ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.630/ 253 KB
68 KB 23ms
7ms Script
application/javascript 2600:9000:2156:5800:d:3c0f:bcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.630/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/3680.js?pid=2617
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5800:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf307e5999fd36c3a6e0b16d7dff301cb750a83addca4c9800280ce17b8b28d8

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 13:54:09 GMT
content-encoding: br
last-modified: Mon, 22 Feb 2021 13:01:57 GMT
server: AmazonS3
age: 586903
etag: W/"82806046096f48410b43376138437a67"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PEgxLk9HjpbB60L2dBkmOrJ9_pVXhSJEtlMHtFUbP1K2Ng7chmbbpw==

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 52 B
733 B 459ms
121ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.correiodopovo.com.br&l1=3680&l2=correiodopovo.com.br&l3=DE&l4=desktop&cb=0.912738921645436
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.630/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:53 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 52

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 8D73 95 KB
34 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faa63e9b1e3fe828645fa68635cc11c96178c8b182465c3fa305abf0f2edfc59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34369
x-xss-protection: 0
server: cafe
etag: 18387054023701307728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3C70 95 KB
34 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faa63e9b1e3fe828645fa68635cc11c96178c8b182465c3fa305abf0f2edfc59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34369
x-xss-protection: 0
server: cafe
etag: 18387054023701307728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 5685 95 KB
34 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faa63e9b1e3fe828645fa68635cc11c96178c8b182465c3fa305abf0f2edfc59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34369
x-xss-protection: 0
server: cafe
etag: 18387054023701307728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame ED75 95 KB
34 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faa63e9b1e3fe828645fa68635cc11c96178c8b182465c3fa305abf0f2edfc59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34369
x-xss-protection: 0
server: cafe
etag: 18387054023701307728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame D10F 95 KB
34 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faa63e9b1e3fe828645fa68635cc11c96178c8b182465c3fa305abf0f2edfc59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34369
x-xss-protection: 0
server: cafe
etag: 18387054023701307728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9B8C 95 KB
34 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faa63e9b1e3fe828645fa68635cc11c96178c8b182465c3fa305abf0f2edfc59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34369
x-xss-protection: 0
server: cafe
etag: 18387054023701307728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 51ms
19ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 02 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame 8D73 227 KB
85 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame 3C70 227 KB
85 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame ED75 227 KB
85 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame D10F 227 KB
85 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame 5685 227 KB
85 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame 9B8C 227 KB
85 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 8D73 210 B
391 B 41ms
40ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

674d41d3c4e19e172d0235c77f07c271f5fe3ecb6714c92e317a5c2ef66bd3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8D73 107 B
146 B 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8D73 107 B
146 B 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 57F0 104 KB
34 KB 205ms
205ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381805&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952693&bpp=9&bdt=37&idt=65&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=162809225&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2536&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2429738412818777&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.f6jpm8gb4m8i&btvi=1&fsb=1&dtd=79

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f9e8d6e4c2df663293d6569aed813592b7ff5eadb98833ee5e489966b2a5c31

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2_9cfcju8CFae17Qodjr4AMg&gqi=GKw8YP6gMIOCmwe977uwCA&layout=/sadbundle/%24csp%253Der3%24/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381805&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952693&bpp=9&bdt=37&idt=65&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=162809225&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2536&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2429738412818777&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.f6jpm8gb4m8i&btvi=1&fsb=1&dtd=79
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlBmk6IN_FNy6W8bj7bjWwaHZqMPhHmoeovN0YPIcKpUnzoB6a38_k1TDu116M; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2_9cfcju8CFae17Qodjr4AMg&gqi=GKw8YP6gMIOCmwe977uwCA&layout=/sadbundle/%24csp%253Der3%24/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 01 Mar 2021 08:55:52 GMT
server: cafe
content-length: 34247
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D73 74 KB
28 KB 72ms
58ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 3C70 210 B
225 B 41ms
40ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c950cfbe226b1b95a83eda29aadb9c874c016f2f051bd22887544225a6ad1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3C70 107 B
123 B 17ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3C70 107 B
123 B 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98F4 72 KB
24 KB 373ms
372ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f074385e2864a5e995902ca76b1c5cdb801d31e4b09b48706b7c9b8c40dc770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlBmk6IN_FNy6W8bj7bjWwaHZqMPhHmoeovN0YPIcKpUnzoB6a38_k1TDu116M; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 01 Mar 2021 08:55:53 GMT
server: cafe
content-length: 24531
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C70 74 KB
28 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 49ms
23ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 02 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 5685 210 B
226 B 39ms
39ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef03cab85370b22d99532517f3a8b6cb9176735c3c74e768db10aac78dec3a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5685 107 B
123 B 15ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5685 107 B
123 B 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C040 95 KB
34 KB 283ms
282ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381795&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952731&bpp=4&bdt=63&idt=113&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=641415193&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7562&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=3985135742643439&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.o9qt9tocwvng&btvi=1&fsb=1&dtd=130

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b68564ec3b427e1e55a2037cc1d288f9f23bb66815df1bda4f1014c509a1f8ea

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPXt-sfcju8CFZra7QodAFECmQ&gqi=GKw8YPrRNfa-1fAPvZ20uAU&layout=/sadbundle/%24csp%253Der3%24/10630745804711636146/336x280px/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381795&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952731&bpp=4&bdt=63&idt=113&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=641415193&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7562&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=3985135742643439&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.o9qt9tocwvng&btvi=1&fsb=1&dtd=130
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlBmk6IN_FNy6W8bj7bjWwaHZqMPhHmoeovN0YPIcKpUnzoB6a38_k1TDu116M; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPXt-sfcju8CFZra7QodAFECmQ&gqi=GKw8YPrRNfa-1fAPvZ20uAU&layout=/sadbundle/%24csp%253Der3%24/10630745804711636146/336x280px/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 01 Mar 2021 08:55:53 GMT
server: cafe
content-length: 34494
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5685 74 KB
28 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D10F 210 B
222 B 42ms
42ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c0035ac40c173ad270ced76a6e233d28467b558475e2a9aee2ee6ed868a6071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame D10F 107 B
123 B 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame D10F 107 B
123 B 15ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6630 92 KB
34 KB 297ms
296ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55f0b13a634a1ffcf2a9f056762e050277c42af176cc1bdc984b54d93452bcad

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12140051774600186711/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12140051774600186711/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIuY_Mfcju8CFRTx7Qodw64Jag&gqi=GKw8YKPsNuLWxgONzblg&layout=/sadbundle/%24csp%253Der3%24/12140051774600186711/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlBmk6IN_FNy6W8bj7bjWwaHZqMPhHmoeovN0YPIcKpUnzoB6a38_k1TDu116M; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12140051774600186711/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12140051774600186711/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIuY_Mfcju8CFRTx7Qodw64Jag&gqi=GKw8YKPsNuLWxgONzblg&layout=/sadbundle/%24csp%253Der3%24/12140051774600186711/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 01 Mar 2021 08:55:53 GMT
server: cafe
content-length: 34082
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame D10F 74 KB
28 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame ED75 210 B
221 B 40ms
40ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d7814584fd77aa32005c2daad70a2923ff6fff75f856c8441f62d6b59ee7b30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame ED75 107 B
123 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame ED75 107 B
123 B 16ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C5E 92 KB
34 KB 287ms
286ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

705e3eab1ec3f9786202cd72f4f570282aaacdc55f4067ffa37c33a520ee7ba3

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNGw_cfcju8CFUjw7QodEUIKbw&gqi=GKw8YLiOOJLV1fAPi4qJiAc&layout=/sadbundle/%24csp%253Der3%24/10630745804711636146/336x280px/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlBmk6IN_FNy6W8bj7bjWwaHZqMPhHmoeovN0YPIcKpUnzoB6a38_k1TDu116M; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNGw_cfcju8CFUjw7QodEUIKbw&gqi=GKw8YLiOOJLV1fAPi4qJiAc&layout=/sadbundle/%24csp%253Der3%24/10630745804711636146/336x280px/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 01 Mar 2021 08:55:53 GMT
server: cafe
content-length: 33545
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED75 74 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame CB30 1 KB
667 B 28ms
25ms Document
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=undefined&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=D2C0A137AC3821216151131617234&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.2/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 89db1083db4741cbb8efac4796e50b7b8ff0f16c459fa9b8ce91089e6c8f3b41

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=undefined&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=D2C0A137AC3821216151131617234&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Mon, 01 Mar 2021 08:55:52 GMT
via: 1.1 varnish
x-served-by: cache-fra19166-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1614588953.921323,VS0,VE10
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 0113 1 KB
1 KB 29ms
21ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.2/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 060b84c1bf53e12b7dbf7e3bc9a16f0b49b3f5f04f23780a68db74a5b9d0eb07

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=49d5351f-9c9a-4459-bd81-9e50f556854c-tuct7363196
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

server: nginx
date: Mon, 01 Mar 2021 08:55:52 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
976 B 272ms
270ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=5854945&noaop=3&sortOrderType=0&cb=1614588952917&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1200&pt=-949398558&tz=60&viewable=true&ddast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2334045&dpubid=324075&abtst=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&mPre=0.033&cirf=https%3A%2F%2Fwww.correiodopovo.com.br&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.2/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 13d136fd1cbdea1f1c421e70a69de59ac5e962e4e3f06536486613a6010e54a7

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: gzip
access-control-allow-origin: https://www.correiodopovo.com.br
machineid: 1457
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19166-FRA
pragma: no-cache
server: nginx
x-timer: S1614588953.924371,VS0,VE255
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 23ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=31589837&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&debug=pn:!sqg:!torgn:1614588948964.8809!ts:1614588952911&mntl=1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-length: 0
server: nginx

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 9B8C 12 B
58 B 44ms
43ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-6379854420851476&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-35-156-153-71.eu-central-1.compute.amazonaws.com

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9B8C 107 B
123 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br&meb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9B8C 107 B
123 B 15ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br&meb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F068 105 KB
34 KB 245ms
244ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6af3657d6017ec870ea48e6ced7b39af3d86bf36d3bc90aab50a36928c3b8868

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4889942129425517684/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4889942129425517684/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJPPgMjcju8CFSGD7QodMXAL1w&gqi=GKw8YI21O7HUxgPmtaf4Ag&layout=/sadbundle/%24csp%253Der3%24/4889942129425517684/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlBmk6IN_FNy6W8bj7bjWwaHZqMPhHmoeovN0YPIcKpUnzoB6a38_k1TDu116M; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4889942129425517684/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4889942129425517684/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJPPgMjcju8CFSGD7QodMXAL1w&gqi=GKw8YI21O7HUxgPmtaf4Ag&layout=/sadbundle/%24csp%253Der3%24/4889942129425517684/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 01 Mar 2021 08:55:53 GMT
server: cafe
content-length: 34281
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B8C 74 KB
28 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:52 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EAB0 42 B
157 B 46ms
45ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHXQBSOzOjRtQnACxrdS-sbLTUGcxmiFaPmuSQDSKkOY41KwotCDkRzCxWlMuntrUEGGWZ_UqqLpsCi5fczlALch-XmWc6EqD5zaxLR60byDvjLJ-TlOruHCSmPg&sai=AMfl-YR4jpokoLxobvUhpU0H1wzhI00kAgjyF02n_-dxHVDUSE0KSj5z3uLlD5tn4UTyvmkD-edMBn3zBRJUdPFvvaZNXsnSeWB3ahCqMGiw0nJWorG3Xc3R8SaqylyG&sig=Cg0ArKJSzIeaDZYRgJhlEAE&cid=CAASF-Rod-pUnd3km9C8yX-talyY_tMVx1Wm&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,1011,1011,1011&tos=0,0,1011,0,0&tfs=107&tls=1118&g=100&h=100&tt=1118&r=v&avms=ampa&adk=1540246807

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.min.css
vacina.saude.rs.gov.br/vendor/fontawesome-free/css/ Frame 2995 55 KB
15 KB 342ms
339ms Stylesheet
text/css 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/vendor/fontawesome-free/css/all.min.css
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 17:58:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "dcc5-592af5a54eb00"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 14961

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 2995 22 KB
1 KB 18ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1bbf20f63a996b980448f834b56fd5f76c141d19eb2b25b98fc53779f8e0e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 08:35:38 GMT
server: ESF
date: Mon, 01 Mar 2021 08:55:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 08:55:53 GMT

GET
H2 200 sb-admin-2.css
vacina.saude.rs.gov.br/css/ Frame 2995 199 KB
42 KB 580ms
578ms Stylesheet
text/css 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/css/sb-admin-2.css
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 5d323ca7e84355135f7ccf74f1d489f664f761699c3b80b0b0e7a1950e4affbf

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 14:39:19 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "31c82-5b92dafe5e520"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 42629

GET
H2 200 dataTables.bootstrap4.min.css
vacina.saude.rs.gov.br/vendor/datatables/ Frame 2995 5 KB
1 KB 340ms
338ms Stylesheet
text/css 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/vendor/datatables/dataTables.bootstrap4.min.css
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 17e0da2800a542eb7cee178c202ea84e101132e5a77bcf96cf12034fb8d7b8f0

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 17:58:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "1466-592af5a54eb00"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1284

GET
H2 200 style.css
vacina.saude.rs.gov.br/css/ Frame 2995 1 KB
723 B 287ms
285ms Stylesheet
text/css 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/css/style.css
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 6f2721a24a2fb411c82386841adb8c4e94ffdcfb98d92d694a7b6ad4ccf46036

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 01:36:03 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "450-5a7382ae49482"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 629

GET
H2 200 leaflet.css
vacina.saude.rs.gov.br/css/ Frame 2995 10 KB
3 KB 340ms
338ms Stylesheet
text/css 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/css/leaflet.css
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 2dd3a16d7f7aa49de297a389dbe58d118e0480351ddffe58abc2b78d4942c48d

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
last-modified: Mon, 01 Jun 2020 21:21:10 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "27c5-5a70c5fb7628a"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3075

GET
H2 200 MarkerCluster.css
cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/0.4.0/ Frame 2995 366 B
533 B 12ms
9ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/0.4.0/MarkerCluster.css

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16faaebf3d9fb236d29189cdc15d6f9a257ebf0ac6487f0f000ba79a53a64b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1125008
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 121
cf-request-id: 088e9959dc00003128c931f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed0-16e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mQ1iaRV%2Fp1z9suzT6r8PdE3%2BrP3qXFiGLO0TYvJV5D%2BpuNVHOUER5wKvN3YoPx0tCMwuzvoCvrclv%2BzGzk9sJDaOLR0mBRDoSw2cKos0qXdMPNRuL%2BwhpNA35io76wBw3A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62912b3c9eaa3128-FRA
expires: Sat, 19 Feb 2022 08:55:53 GMT

GET
H2 200 MarkerCluster.Default.css
cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/0.4.0/ Frame 2995 1 KB
633 B 15ms
13ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/0.4.0/MarkerCluster.Default.css

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61258232d98d64dc2a7b1e02130d67421bc5b9bda5994eef70228ff97570c170

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3409058
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 308
cf-request-id: 088e9959dd000031289f9aa000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed0-507"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QlRmNxjCjSGM4SBoTLwuKgDSKEiqn9Ze7ZcJzTH5RurSiE6abzldMxDWT1Uo7%2BFpVTt89LJbpwZ%2BWR1NlcUV0V0Nf5No6qmIC4lQILoTjnsumVE%2F3tqTA2U891FUcAj%2Bfw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62912b3c9ead3128-FRA
expires: Sat, 19 Feb 2022 08:55:53 GMT

GET
H2 200 leaflet.js Show response
vacina.saude.rs.gov.br/js/ Frame 2995 123 KB
44 KB 341ms
339ms Script
application/javascript 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/js/leaflet.js
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: be41933bb8a9bca755332bdda6edb221d8f203a6f5f65d5c09e4cae8f920467b

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:52 GMT
content-encoding: gzip
last-modified: Mon, 01 Jun 2020 21:20:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "1eb15-5a70c5c934a58"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 45423

GET
H2 200 leaflet.markercluster.js Show response
cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/0.4.0/ Frame 2995 28 KB
7 KB 14ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/leaflet.markercluster/0.4.0/leaflet.markercluster.js

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d760833be9a1b24624f848d22411f05f7ca40ae915617365e453c249d2712d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1123714
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6517
cf-request-id: 088e9959dd00003128bcb32000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed0-6e7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5LoZ9v6HzMav69%2Bmn4NpOMNK2X1SiVNvIM6KHAU9zGwPYwFnfNeFoOgTw6def5zYgdIcE3nhI4WxTwDqjIX21%2B3DkYwMAGhwUXR1I5eDPU9BpfeXHCqI9FyNuRPO7yIKwA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62912b3c9eae3128-FRA
expires: Sat, 19 Feb 2022 08:55:53 GMT

GET
H2 200 leaflet.label.js Show response
leaflet.github.io/Leaflet.label/ Frame 2995 8 KB
2 KB 24ms
21ms Script
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://leaflet.github.io/Leaflet.label/leaflet.label.js
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 4d5479c277589e9620d1a95d55c77b68684e8e11e9baf6620303f254d9b3b375

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 19786aca9ab0fd3fc4f1f32ae18d11bfe6176e04
date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: gzip
age: 539
x-cache: HIT
content-length: 2279
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Fri, 01 Aug 2014 20:36:20 GMT
server: GitHub.com
x-github-request-id: 8B70:DB02:1B0E8:1D97E:6025C402
x-timer: S1614588953.067721,VS0,VE0
etag: W/"53dbfa44-201e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 11 Feb 2021 23:59:04 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 2

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 2995 137 KB
53 KB 53ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-61N8QP7DNJ

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7634e9a4ca74a50356b59d92f015833608cd0b4211da5a4277b5fb40d788aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53616
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:53 GMT

GET
H2 200 coronavirus.png
vacina.saude.rs.gov.br/img/ Frame 2995 87 KB
88 KB 252ms
252ms Image
image/png 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vacina.saude.rs.gov.br/img/coronavirus.png
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 95d722457b6b19c9b2248849d162602edaf41b594c82e44e6f6a316ba4d3d294

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
last-modified: Mon, 16 Mar 2020 17:04:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "15dfd-5a0fbcee37b55"
content-type: image/png
accept-ranges: bytes
content-length: 89597

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame CB30 43 B
183 B 281ms
106ms Image
image/gif 2600:1f18:612b:4216:5e41:f643:f5d9:712d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=undefined&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=D2C0A137AC3821216151131617234&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:5e41:f643:f5d9:712d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=undefined&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=D2C0A137AC3821216151131617234&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame CB30 0
124 B 18ms
16ms Script
text/plain 35.156.153.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=undefined&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=D2C0A137AC3821216151131617234&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.153.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=undefined&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=D2C0A137AC3821216151131617234&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame CB30
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=ed907109-7a6b-11eb-8fe5-1e588e902506&orig=video&us_privacy=1---

0
229 B

22ms
21ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=ed907109-7a6b-11eb-8fe5-1e588e902506&orig=video&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=undefined&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=D2C0A137AC3821216151131617234&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=undefined&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=D2C0A137AC3821216151131617234&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.41.34.201:10213
date: Mon, 01 Mar 2021 08:55:53 GMT
server: nginx
x-fastly-to-nlb-rtt: 15813

Redirect headers

Date: Mon, 01 Mar 2021 08:55:53 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=ed907109-7a6b-11eb-8fe5-1e588e902506&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 40
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame CB30 43 B
145 B 18ms
16ms Image
image/gif 35.156.143.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=undefined&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=D2C0A137AC3821216151131617234&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.143.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=undefined&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=D2C0A137AC3821216151131617234&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 0113 43 B
182 B 279ms
106ms Image
image/gif 2600:1f18:612b:4216:5e41:f643:f5d9:712d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:5e41:f643:f5d9:712d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame 0113 0
124 B 93ms
92ms Script
text/plain 35.156.153.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.153.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-153-71.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 0113
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=ed947c1a-7a6b-11eb-a1b1-141922060d06&orig=video&us_privacy=1---

0
228 B

23ms
22ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=ed947c1a-7a6b-11eb-a1b1-141922060d06&orig=video&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.199:10213
date: Mon, 01 Mar 2021 08:55:53 GMT
server: nginx
x-fastly-to-nlb-rtt: 15813

Redirect headers

Date: Mon, 01 Mar 2021 08:55:53 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=ed947c1a-7a6b-11eb-a1b1-141922060d06&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 84
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 0113 43 B
145 B 16ms
15ms Image
image/gif 35.156.143.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.143.112 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/ Frame 37CD 29 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1b15b7a89aa8635a7e38fa4ab6a0e2c0acba6fcb125e6b2cc53ab70e4a52276

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381805&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952693&bpp=9&bdt=37&idt=65&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=162809225&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2536&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2429738412818777&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.f6jpm8gb4m8i&btvi=1&fsb=1&dtd=79
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381805&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952693&bpp=9&bdt=37&idt=65&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=162809225&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2536&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2429738412818777&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.f6jpm8gb4m8i&btvi=1&fsb=1&dtd=79

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 27 Feb 2021 10:59:15 GMT
expires: Sun, 27 Feb 2022 10:59:15 GMT
last-modified: Tue, 16 Feb 2021 11:25:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 3629
age: 165398
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame E6C3 18 KB
8 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381805&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952693&bpp=9&bdt=37&idt=65&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=162809225&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2536&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2429738412818777&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.f6jpm8gb4m8i&btvi=1&fsb=1&dtd=79

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381805&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952693&bpp=9&bdt=37&idt=65&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=162809225&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2536&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2429738412818777&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.f6jpm8gb4m8i&btvi=1&fsb=1&dtd=79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:53:04 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame E6C3 3 KB
2 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381805&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952693&bpp=9&bdt=37&idt=65&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=162809225&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2536&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2429738412818777&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.f6jpm8gb4m8i&btvi=1&fsb=1&dtd=79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:55:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6C3 107 KB
33 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381805&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952693&bpp=9&bdt=37&idt=65&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=162809225&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2536&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2429738412818777&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.f6jpm8gb4m8i&btvi=1&fsb=1&dtd=79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:53 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame E6C3 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381805&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952693&bpp=9&bdt=37&idt=65&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=162809225&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2536&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2429738412818777&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.f6jpm8gb4m8i&btvi=1&fsb=1&dtd=79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:55:39 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame E6C3 0
0 14ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5tsuObKnzcRD1nbR6Gk80-WtS4mOa-n_ztjEpxPNSLTv7k2gQZc3-btcyLcVEjoP0_y9iP4yiQVQ08Q27PAo02lsz3w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381805&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952693&bpp=9&bdt=37&idt=65&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=162809225&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2536&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2429738412818777&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.f6jpm8gb4m8i&btvi=1&fsb=1&dtd=79
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381805&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952693&bpp=9&bdt=37&idt=65&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=162809225&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2536&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2429738412818777&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.f6jpm8gb4m8i&btvi=1&fsb=1&dtd=79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E6C3 0
25 B 43ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=prtdiff&eq=false&caller=html5_web&first=%5Bnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C%22google_ad_498736856302%22%2Cnull%2Cnull%2C1%2Ctrue%2C300%2Cnull%2Cnull%2C%222780162710%22%5D&second=%5Bnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C%22google_ad_498736856302%22%2Cnull%2Cnull%2Cnull%2C1%2C300%2Cnull%2Cnull%2C%222780162710%22%5D

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381805&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952693&bpp=9&bdt=37&idt=65&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=162809225&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2536&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2429738412818777&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.f6jpm8gb4m8i&btvi=1&fsb=1&dtd=79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame E6C3 0
433 B 77ms
41ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI2_9cfcju8CFae17Qodjr4AMg&gqi=GKw8YP6gMIOCmwe977uwCA&layout=/sadbundle/%24csp%253Der3%24/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=90&slotname=BM_SuperBanner&adk=16827289&adf=3151381805&pi=t.ma~as.BM_SuperBanner&w=970&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952693&bpp=9&bdt=37&idt=65&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=2&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=162809225&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=2536&biw=1600&bih=1200&isw=980&ish=90&ifk=2532962522&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=2429738412818777&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.f6jpm8gb4m8i&btvi=1&fsb=1&dtd=79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 37CD 9 KB
3 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 01 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 37CD 22 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 01 Mar 2021 12:41:54 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 37CD 4 KB
675 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

754fac4810074e8a762844e6929031a73054640d0a51e8428653762553e0a3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 08:03:57 GMT
server: ESF
date: Mon, 01 Mar 2021 08:55:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 08:55:53 GMT

GET
H3-Q050 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/images/ Frame 37CD 2 KB
2 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/images/logo.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a23f4c0e409deeb4a5667a3969dd999a10b48a6fa4d6dc94ea931a09b567728

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 272586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 11:25:52 GMT
server: sffe
date: Fri, 26 Feb 2021 05:12:47 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 05:12:47 GMT

GET
H3-Q050 200 textbox.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/images/ Frame 37CD 3 KB
2 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/images/textbox.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea4c2c5745d45340cead7b9f630217b853fd4246d8227904d8aa43edaedf77b1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 165398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1551
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 11:25:52 GMT
server: sffe
date: Sat, 27 Feb 2021 10:59:15 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 10:59:15 GMT

GET
H3-Q050 200 bild.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/images/ Frame 37CD 37 KB
37 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/images/bild.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5950751338611383122/Walbusch_Kent_Aktiv-AT-DE_728x90/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508198f26ba20cd31af1a2b897bf25c050e497c755760c0f7ae83a1017d38a99

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 233885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37769
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 11:25:52 GMT
server: sffe
date: Fri, 26 Feb 2021 15:57:48 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 15:57:48 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 37CD 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 06:09:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 441987
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Thu, 24 Feb 2022 06:09:26 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 37CD 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 13:07:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 416901
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 24 Feb 2022 13:07:32 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2F96
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

291 B
559 B

8ms
7ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=undefined&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=D2C0A137AC3821216151131617234&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=undefined&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=D2C0A137AC3821216151131617234&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&cmcv=&pix=undefined&cb=1614588952912&uv=2931&tms=1614588952912&abt=206725b_vA!adh4c_vC!inrec_vB!lf2_vA!nrlc_vA!spa2_vB!t45&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=D2C0A137AC3821216151131617234&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Mon, 01 Mar 2021 08:55:53 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Mon, 01 Mar 2021 08:55:53 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5F9B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

291 B
559 B

11ms
10ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4ddc003bfd0366a9c5e059509b3bac51972a8e803904b2a90b6b5c5ee7b26720

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://am-match.taboola.com/sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Mon, 01 Mar 2021 08:55:53 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Mon, 01 Mar 2021 08:55:53 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
DATA 200
OK truncated
/ Frame E6C3 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36926bf8d45850caef77ae5c70bd7f71c93c1feccf036933a3ed2a9085d85c0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cmTagSLIDER_INSTREAM.js Show response
vidstat.taboola.com/vpaid/units/29_3_1/infra/ 680 KB
123 KB 274ms
10ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_3_1/infra/cmTagSLIDER_INSTREAM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.2/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 17eb8a0542347000a7616a5dbd1d3fbc523484cfadda53ea9ff1103d1b7f8c33

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
via: 1.1 varnish
age: 420824
x-amz-meta-mtime: 1614167925
x-cache: HIT
x-amz-meta-ctime: 1614168083
x-amz-meta-mode: 33188
content-encoding: br
content-length: 125070
x-amz-id-2: xMIylH7HJSwt1k8VMCrFwsOFprzu5RMFm3WNQeakl8d8fbKYklnrZuamBSXfg4I20ZaFCdVYGCE=
x-served-by: cache-hhn11534-HHN
accept-ranges: bytes
last-modified: Wed, 24 Feb 2021 12:01:25 GMT
server: AmazonS3-br
x-timer: S1614588953.488686,VS0,VE0
etag: "8dc09628508887715420e9743279230d"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 7A5D7DBF50B5FF6A
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 64056

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_3_1/assets/css/ 57 KB
8 KB 8ms
7ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_3_1/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.3.2/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 7427a116d79e96b86d83e53a1008f2a7bdf70f5bef2f5756edb2da0c73519808

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
via: 1.1 varnish
age: 420828
x-amz-meta-mtime: 1614167925
x-cache: HIT
x-amz-meta-ctime: 1614168040
x-amz-meta-mode: 33188
content-encoding: br
content-length: 7702
x-amz-id-2: 9xi/9ZfxNF/GLOj7hhch3uUUGePe2xxiUx/IpoltJ+GmjyNIur0atqY/h0mPHIQIJIua5oKDD+Y=
x-served-by: cache-hhn11570-HHN
accept-ranges: bytes
last-modified: Wed, 24 Feb 2021 12:00:41 GMT
server: AmazonS3-br
x-timer: S1614588953.223253,VS0,VE0
etag: "f265691e8bdb158dc63dacde1204f88c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 5BFBDDAD4A9C6ADD
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 689878

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8D73 8 KB
6 KB 20ms
20ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cda0db5b5853a97cab3e141fcc8237f0c5eed5e00586a9b684be397cd089ee34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6465
x-xss-protection: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 21ms
21ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 02 Mar 2021 08:55:53 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame C040 18 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381795&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952731&bpp=4&bdt=63&idt=113&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=641415193&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7562&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=3985135742643439&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.o9qt9tocwvng&btvi=1&fsb=1&dtd=130

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381795&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952731&bpp=4&bdt=63&idt=113&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=641415193&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7562&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=3985135742643439&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.o9qt9tocwvng&btvi=1&fsb=1&dtd=130
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:53:04 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame C040 3 KB
2 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381795&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952731&bpp=4&bdt=63&idt=113&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=641415193&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7562&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=3985135742643439&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.o9qt9tocwvng&btvi=1&fsb=1&dtd=130
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:55:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C040 107 KB
33 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381795&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952731&bpp=4&bdt=63&idt=113&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=641415193&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7562&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=3985135742643439&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.o9qt9tocwvng&btvi=1&fsb=1&dtd=130
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:53 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame C040 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381795&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952731&bpp=4&bdt=63&idt=113&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=641415193&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7562&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=3985135742643439&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.o9qt9tocwvng&btvi=1&fsb=1&dtd=130
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:55:39 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame C040 0
0 16ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtVchYvL-eDC_J-zZYj7YbrwkdAM6Av5xdZFGOHcyc3p7N5CHJb57eQ5tAcjJaTroTlsAJ-Wld8hyp9giBNEOTvRsDzw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381795&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952731&bpp=4&bdt=63&idt=113&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=641415193&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7562&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=3985135742643439&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.o9qt9tocwvng&btvi=1&fsb=1&dtd=130
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381795&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952731&bpp=4&bdt=63&idt=113&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=641415193&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7562&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=3985135742643439&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.o9qt9tocwvng&btvi=1&fsb=1&dtd=130
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 98F4 3 KB
607 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 06:57:25 GMT
server: ESF
date: Mon, 01 Mar 2021 08:55:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 08:55:53 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/ Frame 0533 25 KB
7 KB 8ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2c8ebb35c6e48c752c8900855f0fbc3dc6467243580fc9d71666afd0bb7d015

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381795&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952731&bpp=4&bdt=63&idt=113&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=641415193&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7562&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=3985135742643439&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.o9qt9tocwvng&btvi=1&fsb=1&dtd=130
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381795&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952731&bpp=4&bdt=63&idt=113&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=641415193&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7562&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=3985135742643439&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.o9qt9tocwvng&btvi=1&fsb=1&dtd=130

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 25 Feb 2021 13:59:55 GMT
expires: Fri, 25 Feb 2022 13:59:55 GMT
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 5418
age: 327358
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D73 17 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:53 GMT

GET
H3-Q050 200 LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js Show response
pagead2.googlesyndication.com/bg/ Frame 37CD 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 05:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 13409
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6256
x-xss-protection: 0
expires: Tue, 01 Mar 2022 05:12:24 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2F96 31 KB
10 KB 9ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c2190bad56ab8a5460639bdb15f0639451d8feec9ddfbff2c6a7b5bf8fb27d95

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 08:55:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=69301
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9307
Expires: Tue, 02 Mar 2021 04:10:54 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12140051774600186711/ Frame E029 62 KB
15 KB 8ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12140051774600186711/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d67694d04f0aaf465451d2533e2f2db39f465739ef951443acb707e9337300d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12140051774600186711/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 25 Feb 2021 01:24:42 GMT
expires: Fri, 25 Feb 2022 01:24:42 GMT
last-modified: Thu, 21 May 2020 09:27:21 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 14927
age: 372671
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 6630 18 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:53:04 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 6630 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:55:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6630 107 KB
33 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:53 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 6630 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:55:39 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 6630 0
0 20ms
19ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRRc1_mJPAcnlSS4g25uts4fWDPoFyDUBH50W3GE3sJU_0vJqlGF-9UZU5X_DYpD6a9P0hZ5S8Sn2Gked2S0aOCNCcrQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 98F4 2 KB
992 B 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:46:38 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 98F4 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:53:04 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 98F4 3 KB
2 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:55:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98F4 107 KB
33 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:53 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 98F4 14 KB
6 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:55:39 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 98F4 0
0 17ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgBT3Yz2-G4PKXAR248mEbC_uPu_rVE6MX789U-ZRMoHpWifa48RCOkEuL0HVBcCsCW1GLNeQo-_ZZUcI1dn2E7Pce4g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 5d4b6918ba53c75bacf90c3e9a55021e.js Show response
www.gstatic.com/mysidia/ Frame 98F4 25 KB
11 KB 36ms
19ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d4b6918ba53c75bacf90c3e9a55021e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292e3b9fa7eff78d18f9f28e666f940c96696c6a2aa4dd543227f82d0c6c21c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 09:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 01:31:13 GMT
server: sffe
age: 83172
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10833
x-xss-protection: 0
expires: Sat, 29 May 2021 09:49:41 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5F9B 31 KB
10 KB 9ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c2190bad56ab8a5460639bdb15f0639451d8feec9ddfbff2c6a7b5bf8fb27d95

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Mar 2021 08:55:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 20:32:24 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=69301
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9307
Expires: Tue, 02 Mar 2021 04:10:54 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/ Frame 37AF 25 KB
7 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2c8ebb35c6e48c752c8900855f0fbc3dc6467243580fc9d71666afd0bb7d015

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 25 Feb 2021 13:59:55 GMT
expires: Fri, 25 Feb 2022 13:59:55 GMT
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 5418
age: 327358
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16712137192714467582/ Frame 98F4 18 KB
18 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16712137192714467582/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d656833adb546296b5298bb691a03aeb1935e8faa68ae6fddd5033ac58a5d2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 10:15:10 GMT
x-content-type-options: nosniff
age: 168043
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18231
x-xss-protection: 0
last-modified: Tue, 10 Mar 2020 14:56:45 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 10:15:10 GMT

GET
DATA 200
OK truncated
/ Frame 98F4 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 2C5E 18 KB
7 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:53:04 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 2C5E 3 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:55:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C5E 107 KB
33 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:53 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 2C5E 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:55:39 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 2C5E 0
0 14ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8_Bid3HN-opyVM0_08N_M7O6tG2supkf3tqSqNgZNgesp7r7os-HAnyg13c6JDiZa1PI4BPlO1RdhH2EUSOE3A_FJ0Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4889942129425517684/ Frame A8F7 70 KB
18 KB 11ms
9ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4889942129425517684/index.html

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b957b18d01182aaa792c05a9a43483d2e4181098e6237ffdc6e84ff5b15ba11

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4889942129425517684/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 25 Feb 2021 02:35:28 GMT
expires: Fri, 25 Feb 2022 02:35:28 GMT
last-modified: Tue, 01 Oct 2019 10:57:41 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 17385
age: 368425
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 9265 18 KB
7 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:53:04 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 9265 3 KB
2 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:55:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9265 107 KB
33 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:53 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 9265 14 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 08:55:39 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9265 0
0 14ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVMvcsX4q-JnhtNxMnOvpA3oJHjrchg6AsYwEwTF0jPE7TMd1Hnljj2jVKRV1SBnkS8W3N7BngdnRyIa1zGTIhCPJHmA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2F96 284 B
536 B 29ms
29ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
DATA 200
OK truncated
/ Frame C040 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c25ad16373a8bd861f085d1f4610696809777d635cf26e11a7f2730a3cc7c584

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6D00 1 KB
854 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=600&slotname=3964855912&adk=117014835&adf=3151381804&pi=t.ma~as.3964855912&w=300&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952703&bpp=3&bdt=41&idt=86&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=2022140830&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1052&ady=5990&biw=1600&bih=1200&isw=300&ish=600&ifk=913504537&scr_x=0&scr_y=0&eid=44731610&oid=3&pvsid=111353059695803&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qb0h7024yszh&btvi=1&fsb=1&dtd=100

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 Feb 2021 15:30:58 GMT
expires: Mon, 01 Mar 2021 15:30:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 62695
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5F9B 284 B
536 B 23ms
23ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame C040 0
23 B 40ms
39ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPXt-sfcju8CFZra7QodAFECmQ&gqi=GKw8YPrRNfa-1fAPvZ20uAU&layout=/sadbundle/%24csp%253Der3%24/10630745804711636146/336x280px/index.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381795&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952731&bpp=4&bdt=63&idt=113&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=641415193&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=7562&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=3985135742643439&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.o9qt9tocwvng&btvi=1&fsb=1&dtd=130
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 23ms
22ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 02 Mar 2021 08:55:53 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 27A8 12 KB
5 KB 7ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Mon, 01 Mar 2021 08:45:57 GMT
expires: Tue, 01 Mar 2022 08:45:57 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 596
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6630 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: baeb7ca2303024cab17503056068cfd74d28ec28af0ba46fa08ff2f8e18434fe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 6630 0
23 B 46ms
45ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIuY_Mfcju8CFRTx7Qodw64Jag&gqi=GKw8YKPsNuLWxgONzblg&layout=/sadbundle/%24csp%253Der3%24/12140051774600186711/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 98F4 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a755e649ab1e33fde901ea6cb2734d020dd1dc3518cd119e667829295981b3f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 98F4 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:32:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 181419
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Sun, 27 Feb 2022 06:32:14 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 98F4 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 15:30:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 62699
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Mon, 28 Feb 2022 15:30:54 GMT

GET
DATA 200
OK truncated
/ Frame 2C5E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6b2a317fb4fc5d345120f3240a592881acde9a5d4afd316c929503cf759149f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 2C5E 0
23 B 42ms
41ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNGw_cfcju8CFUjw7QodEUIKbw&gqi=GKw8YLiOOJLV1fAPi4qJiAc&layout=/sadbundle/%24csp%253Der3%24/10630745804711636146/336x280px/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381794&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952722&bpp=4&bdt=51&idt=166&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1745264483&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=3785&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C31060288&oid=3&pvsid=3971506457725027&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kmlrnchrffm0&btvi=1&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 0533 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 01 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0533 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 01 Mar 2021 12:41:54 GMT

GET
H3-Q050 200 SZPlus_Logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 0533 4 KB
3 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/SZPlus_Logo.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a871c50b9af46203eac3c10ec31a5a4379c952d9941902e3a281ad62dd0ac7e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 165699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1587
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Sat, 27 Feb 2021 10:54:14 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 10:54:14 GMT

GET
H3-Q050 200 ipad.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 0533 18 KB
19 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ipad.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b9fbd710193207493bc35f6c83d5654b021ff7f3348f558e04116d015f5f307

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 249210
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18881
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Fri, 26 Feb 2021 11:42:23 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 11:42:23 GMT

GET
H3-Q050 200 phone.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 0533 10 KB
10 KB 9ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/phone.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50c76d6daa447e6dbce93366c95f320be4a1280627fd2d00f7a677503c446477

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 256359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10509
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Fri, 26 Feb 2021 09:43:14 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 09:43:14 GMT

GET
H3-Q050 200 stoerer.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 0533 6 KB
2 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/stoerer.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e591865fbcb696016e24a45f756c814fcdf6a3c4baf62a1e005caabb43b2419

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 249210
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2438
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Fri, 26 Feb 2021 11:42:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 11:42:23 GMT

GET
H3-Q050 200 text_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 0533 11 KB
4 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/text_01.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feb9084b15077bef34f89531e897347ac121c82a56bd68df1e72ce11747ebabc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 327358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3915
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Thu, 25 Feb 2021 13:59:55 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 13:59:55 GMT

GET
H3-Q050 200 text_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 0533 8 KB
3 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/text_02.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aba15bc99e9d14033ad8c9c774652238f5d75bbab22981bb1cfd4428c6185e5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 327358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2836
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Thu, 25 Feb 2021 13:59:55 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 13:59:55 GMT

GET
H3-Q050 200 text_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 0533 6 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/text_03.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a02680a8a95da2d91109f85ba53de1145cd4f317e98fca1b069cf9f25bb93599

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 256359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2292
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Fri, 26 Feb 2021 09:43:14 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 09:43:14 GMT

GET
H3-Q050 200 button.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 0533 3 KB
1 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/button.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ad749a129e808b621b31f7b9d5b5c0f435c14bf8b64a2452a13212a210fa90e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 256359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1289
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Fri, 26 Feb 2021 09:43:14 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 09:43:14 GMT

GET
H3-Q050 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E029 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12140051774600186711/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 04:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 02 Mar 2021 04:25:41 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E029 22 KB
9 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12140051774600186711/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 01 Mar 2021 12:41:54 GMT

GET
DATA 200
OK truncated
/ Frame 9265 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14caa73a2f6d59ed8f9701b8ce625030c8a92d475271db2a8e46ef98d9ce9042

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 37AF 9 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 01 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 37AF 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 01 Mar 2021 12:41:54 GMT

GET
H3-Q050 200 SZPlus_Logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 37AF 4 KB
2 KB 6ms
5ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/SZPlus_Logo.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a871c50b9af46203eac3c10ec31a5a4379c952d9941902e3a281ad62dd0ac7e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 165699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1587
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Sat, 27 Feb 2021 10:54:14 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Feb 2022 10:54:14 GMT

GET
H3-Q050 200 ipad.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 37AF 18 KB
18 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ipad.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b9fbd710193207493bc35f6c83d5654b021ff7f3348f558e04116d015f5f307

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 249210
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18881
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Fri, 26 Feb 2021 11:42:23 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 11:42:23 GMT

GET
H3-Q050 200 phone.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 37AF 10 KB
10 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/phone.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50c76d6daa447e6dbce93366c95f320be4a1280627fd2d00f7a677503c446477

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 256359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10509
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Fri, 26 Feb 2021 09:43:14 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 09:43:14 GMT

GET
H3-Q050 200 stoerer.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 37AF 6 KB
2 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/stoerer.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e591865fbcb696016e24a45f756c814fcdf6a3c4baf62a1e005caabb43b2419

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 249210
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2438
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Fri, 26 Feb 2021 11:42:23 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 11:42:23 GMT

GET
H3-Q050 200 text_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 37AF 11 KB
4 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/text_01.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feb9084b15077bef34f89531e897347ac121c82a56bd68df1e72ce11747ebabc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 327358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3915
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Thu, 25 Feb 2021 13:59:55 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 13:59:55 GMT

GET
H3-Q050 200 text_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 37AF 8 KB
3 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/text_02.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aba15bc99e9d14033ad8c9c774652238f5d75bbab22981bb1cfd4428c6185e5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 327358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2836
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Thu, 25 Feb 2021 13:59:55 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 13:59:55 GMT

GET
H3-Q050 200 text_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 37AF 6 KB
2 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/text_03.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a02680a8a95da2d91109f85ba53de1145cd4f317e98fca1b069cf9f25bb93599

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 256359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2292
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Fri, 26 Feb 2021 09:43:14 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 09:43:14 GMT

GET
H3-Q050 200 button.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/ Frame 37AF 3 KB
1 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/img/button.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10630745804711636146/336x280px/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ad749a129e808b621b31f7b9d5b5c0f435c14bf8b64a2452a13212a210fa90e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 256359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1289
x-xss-protection: 0
last-modified: Wed, 29 Apr 2020 11:18:23 GMT
server: sffe
date: Fri, 26 Feb 2021 09:43:14 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 09:43:14 GMT

POST
H3-Q050 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 9265 0
23 B 68ms
43ms Other
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJPPgMjcju8CFSGD7QodMXAL1w&gqi=GKw8YI21O7HUxgPmtaf4Ag&layout=/sadbundle/%24csp%253Der3%24/4889942129425517684/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381792&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952736&bpp=3&bdt=57&idt=204&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9-22c29381a1ba0084%3AT%3D1614588952%3ART%3D1614588952%3AS%3DALNI_MbEoiWeZq618nM3rOXfE6JPQ6g_dA&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1583554850&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8828&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=42530671%2C44731610%2C182982200%2C21068944%2C31060030%2C21069711&oid=3&pvsid=1767198347778095&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yy7ulbn85tz4&btvi=1&fsb=1&dtd=218
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.gif
v3.denakop.com/ 0
197 B 445ms
445ms Image
image/gif 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=macOS&u=U9FtvOI0Skyi3yriMwYe%2Fg%2F0&v=5.0.0&sw=1600&sh=1200&ac=v&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1614588953846&cb=0.7379060864234512

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 088e995cf900002bf6a4397000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 62912b418fdc2bf6-FRA
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/3.2.2/ 59 KB
18 KB 7ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_3_1/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:53 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront), 1.1 varnish
age: 2172315
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 17509
x-served-by: cache-hhn11570-HHN
last-modified: Thu, 21 Jan 2021 11:30:56 GMT
server: AmazonS3
x-timer: S1614588954.895690,VS0,VE0
etag: "f237b8d35060f133ac8c595fd1234e1c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: RuZTYf9ZWA96SQeo8HHRHLcCv200QVgjNg5SQ7cxYBxr9Ka4rjgQ-w==
x-cache-hits: 3538916

GET
H2 200 api.gif
v3.denakop.com/ 0
68 B 459ms
459ms Image
image/gif 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=macOS&u=U9FtvOI0Skyi3yriMwYe%2Fg%2F0&v=5.0.0&sw=1600&sh=1200&ac=v2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1614588953906&cb=0.5305577963771071

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 088e995d3500002bf6461e4000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 62912b41e8382bf6-FRA
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 api.gif
v3.denakop.com/ 0
68 B 440ms
439ms Image
image/gif 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=macOS&u=U9FtvOI0Skyi3yriMwYe%2Fg%2F0&v=5.0.0&sw=1600&sh=1200&ac=v&aa=under&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1614588953907&cb=0.023258906372264798

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 088e995d3500002bf6a439a000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 62912b41e8392bf6-FRA
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame A8F7 5 KB
749 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial|Roboto:regular|Roboto+Condensed:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4889942129425517684/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5afd6059fcf0565bc0bf32aaea8a4100a546370a8fe6f24c8b71e331485827a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 08:55:53 GMT
server: ESF
date: Mon, 01 Mar 2021 08:55:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Mar 2021 08:55:53 GMT

GET
H3-Q050 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A8F7 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4889942129425517684/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 04:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 02 Mar 2021 04:25:41 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A8F7 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4889942129425517684/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 01 Mar 2021 12:41:54 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D10F 8 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

055682c9ff0e2f52e0df8ffc0956556d10f498c08021e761a3ecdd6100b4ae22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6435
x-xss-protection: 0

GET
H3-Q050 200 XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 2995 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaBTMnFcQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26d1d56972b1c15c2e6306998afb7ed6df5f80d4d8d95ff4234bf100236f868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://vacina.saude.rs.gov.br
Referer: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 03:17:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:44:24 GMT
server: sffe
age: 279515
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13340
x-xss-protection: 0
expires: Sat, 26 Feb 2022 03:17:18 GMT

GET
H3-Q050 200 XRXW3I6Li01BKofAjsOUYevIWzgPDA.woff2
fonts.gstatic.com/s/nunito/v16/ Frame 2995 13 KB
13 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevIWzgPDA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26c2d38dbd37d776d151ae486dbe2e0ffd099a2cf53183c74b0da5e1e19f3126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://vacina.saude.rs.gov.br
Referer: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 15:30:57 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:44:30 GMT
server: sffe
age: 62697
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13364
x-xss-protection: 0
expires: Mon, 28 Feb 2022 15:30:57 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5685 8 KB
6 KB 26ms
24ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e30e338067e789f9c5ecc858ff318da74e120c798eb0582c50aca149d13d89de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6505
x-xss-protection: 0

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame A8F7 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial|Roboto:regular|Roboto+Condensed:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Questrial|Roboto:regular|Roboto+Condensed:regular
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 07:56:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:42 GMT
server: sffe
age: 262740
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10968
x-xss-protection: 0
expires: Sat, 26 Feb 2022 07:56:54 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 6630 55 KB
21 KB 12ms
9ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47979ef506264db0704b5de93065a3ca44e171e2054648f5f12f66f587a1ed3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6379854420851476&output=html&h=280&slotname=9839216272&adk=1248722756&adf=3151381793&pi=t.ma~as.9839216272&w=336&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&ea=0&flash=0&wgl=1&dt=1614588952727&bpp=4&bdt=51&idt=141&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D9ddf4375fc8b09b9%3AT%3D1614588950%3AS%3DALNI_MbLhD7ZlRT2_7VQxbwyTr7oxhz6IQ&correlator=5509249374306&frm=23&ife=5&pv=1&ga_vid=1680029494.1614588950&ga_sid=1614588953&ga_hid=1257059518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1034&ady=8518&biw=1600&bih=1200&isw=336&ish=280&ifk=907438756&scr_x=0&scr_y=0&eid=44736376%2C182982200&oid=3&pvsid=3246052448910392&rx=0&eae=2&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.9q113v8wq0ne&btvi=1&fsb=1&dtd=153
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 07:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3457
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21163
x-xss-protection: 0
server: cafe
etag: 17443452193483161684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 01 Mar 2021 08:58:17 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 6D00 35 B
462 B 11ms
8ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHcLgZcZrO5SXypJtZH04vc&google_cver=1&google_push=AQvitUL_91ozK6zc2z-0ydQso9-WnArvggj3rHGG6IM_cEZYpR8GdleyVbxrImshI70Mf3lQtvQpgXu2EV2O6U2r_ZL5RNObHw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6D00
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL-_34Kcfv12wRgRkcLMNuM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL-_34Kcfv12wRgRkcLMNuM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cExBWWRSNDMxTGdFbGs1&google_gid=CAESEL-_34Kcfv12wRgRkcLMNuM&google_cver=1&google_push=AQvitUL0lU24L9ORlN_tSZaziWnnq-RXIiRuR8Uy9hcS9Kl...

170 B
190 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cExBWWRSNDMxTGdFbGs1&google_gid=CAESEL-_34Kcfv12wRgRkcLMNuM&google_cver=1&google_push=AQvitUL0lU24L9ORlN_tSZaziWnnq-RXIiRuR8Uy9hcS9KlS-UklMZrr56jdJQzwjpnGNN8hiXmS44n6CwWYYSntJIpN3Oq1Bjo

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Mar 2021 08:55:53 GMT
Server: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-05a1c1cf6bbf9fe9a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cExBWWRSNDMxTGdFbGs1&google_gid=CAESEL-_34Kcfv12wRgRkcLMNuM&google_cver=1&google_push=AQvitUL0lU24L9ORlN_tSZaziWnnq-RXIiRuR8Uy9hcS9KlS-UklMZrr56jdJQzwjpnGNN8hiXmS44n6CwWYYSntJIpN3Oq1Bjo
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6D00
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEWUcZCb8-QvEH2cay8zfWs&google_cver=1&google_push=AQvitULPaOnts7_I5Og58vzb2SqmFgnq_F39B4A3iEbBgWLw4uot46TfZc0DFEuw66DZrSEH-bSqsE-FFriseOOlzLxzpgrHXRg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=79CFA672C7D647B9BEEE19D746264E27&google_push=AQvitULPaOnts7_I5Og58vzb2SqmFgnq_F39B4A3iEbBgWLw4uot46TfZc0DFEuw66DZrSEH-bSqsE-FFriseOO...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=79CFA672C7D647B9BEEE19D746264E27&google_push=AQvitULPaOnts7_I5Og58vzb2SqmFgnq_F39B4A3iEbBgWLw4uot46TfZc0DFEuw66DZrSEH-bSqsE-FFriseOO...

170 B
190 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=79CFA672C7D647B9BEEE19D746264E27&google_push=AQvitULPaOnts7_I5Og58vzb2SqmFgnq_F39B4A3iEbBgWLw4uot46TfZc0DFEuw66DZrSEH-bSqsE-FFriseOOlzLxzpgrHXRg&google_tc=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=79CFA672C7D647B9BEEE19D746264E27&google_push=AQvitULPaOnts7_I5Og58vzb2SqmFgnq_F39B4A3iEbBgWLw4uot46TfZc0DFEuw66DZrSEH-bSqsE-FFriseOOlzLxzpgrHXRg&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 429
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6D00
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJq8ImZZmcgdTPtTHGz7wbM&google_cver=1&google_push=AQvitUIgeoWE84dM_uW78yYDR7hIldpvYkduZPjgmS_xri3DuVyxikJl75h2bJ5QaniQTUgcBLoA-XW...
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUIgeoWE84dM_uW78yYDR7hIldpvYkduZPjgmS_xri3DuVyxikJl75h2bJ5QaniQTUgcBLoA-XW8jWg5-GH_OQ7R0ofEKVk&google_sc&google...
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUIgeoWE84dM_uW78yYDR7hIldpvYkduZPjgmS_xri3DuVyxikJl75h2bJ5QaniQTUgcBLoA-XW8jWg5-GH_OQ7R0ofEKVk&google_sc=&googl...

170 B
190 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUIgeoWE84dM_uW78yYDR7hIldpvYkduZPjgmS_xri3DuVyxikJl75h2bJ5QaniQTUgcBLoA-XW8jWg5-GH_OQ7R0ofEKVk&google_sc=&google_hm=EBAQEA&google_tc=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUIgeoWE84dM_uW78yYDR7hIldpvYkduZPjgmS_xri3DuVyxikJl75h2bJ5QaniQTUgcBLoA-XW8jWg5-GH_OQ7R0ofEKVk&google_sc=&google_hm=EBAQEA&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 436
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6D00
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEI7hu7NNB2G0a2-tgk7uqv0&google_cver=1&google_push=AQvitUILAVB5wYoAZGLI6lrB0OnwGV4q1n5nzXlW_CtJmxxs8tEw2spUdVPfC80StozbECtg_Wf9niLSaJw...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUILAVB5wYoAZGLI6lrB0OnwGV4q1n5nzXlW_CtJmxxs8tEw2spUdVPfC80StozbECtg_Wf9niLSaJwCH3Tfme7U_lT1Yg&google_hm=Ud9-I2SJQYOMUyTxntYMVKs
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUILAVB5wYoAZGLI6lrB0OnwGV4q1n5nzXlW_CtJmxxs8tEw2spUdVPfC80StozbECtg_Wf9niLSaJwCH3Tfme7U_lT1Yg&google_hm=Ud9-I2SJQYOMUyTxntYMVK...

170 B
190 B

19ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUILAVB5wYoAZGLI6lrB0OnwGV4q1n5nzXlW_CtJmxxs8tEw2spUdVPfC80StozbECtg_Wf9niLSaJwCH3Tfme7U_lT1Yg&google_hm=Ud9-I2SJQYOMUyTxntYMVKs&google_tc=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUILAVB5wYoAZGLI6lrB0OnwGV4q1n5nzXlW_CtJmxxs8tEw2spUdVPfC80StozbECtg_Wf9niLSaJwCH3Tfme7U_lT1Yg&google_hm=Ud9-I2SJQYOMUyTxntYMVKs&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6D00
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEK0vaAYXnC0YhIAODUKFzxk&google_cver=1&google_push=AQvitUJonzSLsBLhsgF_LH7n1nwi2V5vi8N1aRTKUkX7wVo0KhOeykFvTgERX...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEK0vaAYXnC0YhIAODUKFzxk&google_cver=1&google_push=AQvitUJonzSLsBLhsgF_LH7n1nwi2V5vi8N1aRTKUkX7wVo0KhOeykFvTgERX...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=7KQCL47qaxqK2_wYnfD9zw&google_push=AQvitUJonzSLsBLhsgF_LH7n1nwi2V5vi8N1aRTKUkX7wVo0KhOeykFvTgERXFvX9QEzODaIh0ANx-JOu...

170 B
190 B

17ms
16ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=7KQCL47qaxqK2_wYnfD9zw&google_push=AQvitUJonzSLsBLhsgF_LH7n1nwi2V5vi8N1aRTKUkX7wVo0KhOeykFvTgERXFvX9QEzODaIh0ANx-JOuMaJ_SZEinOaYsx6Qqg

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=7KQCL47qaxqK2_wYnfD9zw&google_push=AQvitUJonzSLsBLhsgF_LH7n1nwi2V5vi8N1aRTKUkX7wVo0KhOeykFvTgERXFvX9QEzODaIh0ANx-JOuMaJ_SZEinOaYsx6Qqg
Date: Mon, 01 Mar 2021 08:55:54 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 237
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6D00
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIKwc0MGFFwWh-voUyauBgU&google_cver=1&google_push=AQvitUK10kctuH4wcEIuTZbdtHt2GOrMIRF4MTB6sOUWldJNrDQLOruXWPVgDK0jPgqmLvQc9C0clETEIKbSw1zkXu7ysn5PFQ
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUK10kctuH4wcEIuTZbdtHt2GOrMIRF4MTB6sOUWldJNrDQLOruXWPVgDK0jPgqmLvQc9C0clETEIKbSw1zkXu7ysn5PFQ&google_hm=MjY1MTA2ODg0MjU1OTEwMzIy...

170 B
193 B

18ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUK10kctuH4wcEIuTZbdtHt2GOrMIRF4MTB6sOUWldJNrDQLOruXWPVgDK0jPgqmLvQc9C0clETEIKbSw1zkXu7ysn5PFQ&google_hm=MjY1MTA2ODg0MjU1OTEwMzIyNA%3D%3D

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Mar 2021 08:55:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 01 Mar 2021 08:55:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUK10kctuH4wcEIuTZbdtHt2GOrMIRF4MTB6sOUWldJNrDQLOruXWPVgDK0jPgqmLvQc9C0clETEIKbSw1zkXu7ysn5PFQ&google_hm=MjY1MTA2ODg0MjU1OTEwMzIyNA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 6D00 0
49 B 16ms
14ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ItrlT6ZDPMmttdkQHnRTN4YmlUmtn4mgZxae31GjOaQxn7X94xyfzxPQ7oFiNhw4FRiB7z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3C70 8 KB
6 KB 20ms
19ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67aaa92c59d90760a0f978651f3891c9b23f2518580a7839db4b41d3eee7641a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6463
x-xss-protection: 0

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 8ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_3_1/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront), 1.1 varnish
age: 2078720
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-hhn11570-HHN
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1614588954.198726,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: omj5vaGwuVO0u1DUElZ04p0xjblvLHfKzDESlIUndnM3CZOy52LCcg==
x-cache-hits: 197634

GET
H2 200 oppsula.js Show response
vidstat.taboola.com/oppsula/1.3.8/ 15 KB
5 KB 8ms
7ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_3_1/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront), 1.1 varnish
age: 3455901
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 5164
x-served-by: cache-hhn11570-HHN
last-modified: Tue, 14 Apr 2020 06:07:12 GMT
server: AmazonS3
x-timer: S1614588954.199110,VS0,VE0
etag: "328b70146f77a19d2bc0172c656d921e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: mX0WwlTmUO4x6xuR8DDLZg909FJ4TvyaVteRGEevDZZ-WfTsdjHQoQ==
x-cache-hits: 7282072

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v12.0.0/ 555 KB
113 KB 8ms
8ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.0.0/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_3_1/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4c886452c47925f881f45655db6ab702d61478ce82bf2b28207e61306231695b

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
via: 1.1 varnish
age: 79398
x-amz-meta-mtime: 1614509505
x-cache: HIT
x-amz-meta-ctime: 1614509519
x-amz-meta-mode: 33188
content-encoding: br
content-length: 115137
x-amz-id-2: ib6CZkjgfm63NajV1poPyVBUjlR7ftHB/ss/bHbyqcFm6LnDwhNrsVTuHFgaTxTCRL1ArYIOJKk=
x-served-by: cache-hhn11570-HHN
accept-ranges: bytes
last-modified: Sun, 28 Feb 2021 10:52:00 GMT
server: AmazonS3-br
x-timer: S1614588954.215937,VS0,VE0
etag: "145c2fd6860fca8f2087d4c25996565b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: BC2BDBB158F04724
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 50435

GET
H2 200 sync Show response
am-match.taboola.com/ Frame CF80 1 KB
1 KB 23ms
21ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_3_1/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e8c4bb1f9beef34126f57d71c5c98aaa74b8ed798b8bbb0e2c6936fa79190e84

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7KV8CFgPPJl9FaighxATPJl9FaighxAUAAAAGBjsHHUTZEBaMzW7B4Qwni8litlgtFpvFbLGbbEZD4CDKhrBgbHYLDmc4WUwWs8VoNJmMlrPFajIFhyk7TS7LQS2QNU0uvxtC0HQ6fK57ve73u2v8lsvL6Tf5DX_b367xu-0Sy18OAAAAAA8AWVbhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAeqUxoAUBwG4rKcnXZ_AAA8FIAAAAwokAAQxK-XAIx0dp0AAAAAAAAAALD8____xwzML47IDNhrh_QAPPgAPBAVmBYxAgAAAMjKB1o9mtQJlUUVAABBuhXAFQBAwF07QI5XGAAAAMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE5LywE0LsqLYU_sFBABY-wUEAGAbNwCAtwC4oCNoxWCwOoRY7GaDxWYxOwAAAIC7____fz2QGc5sG9vCZbK4LM7lxuWYTHzDhXEyMs1WDtdisr1rXjpsq3qM0j6HKTtNLstBLZA1TS6__SZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwhDy5Frs1rM3MqNc-EWjVbLtcRkXKyVK9dg5lrNhqvRxi16fUy_zWyzWM62KBjAsBfBRTrR-C2Xl9Nv8hv-tr9FLNGcLNKJ7LLvDGe2jW3hMllcFudy43JMJr7hwjgZmWYrh2sx2ZeWI9dmtZi5lRvnwi0arZZricm4WCtXrsHMtZoNV6ONW_T6mH6b2WaxnO0bs8VoNRwuV4N9Y7YYrYbD5Wqw7zCZnqnP2ai-7EQelWr7-aluMdNB4TJYvD-JaTHtzg5-aevo9Pk8yoLOKLx-j16DwnPwqE7D43HpPC7D0txBEUsEp4t0IvS7XRaxRPK0SCcKm2fknJlGI9fKuHGNVoaVxeEweZaLyWyxcTk3E7FEabpIJ3qJ-o8NuJxLRsu5bDRX7BarBAAAAAAAAACwhDnzJgAAAACnwUxGg91quQAR8c26wCIAAAAAAAC7sNkY0HpculnFjR83jN9yeTn9Jr_hb_tbGUCCr555s2eCWKvVsgYAABDABgAACODWzVtAWCQH!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

server: nginx
date: Mon, 01 Mar 2021 08:55:54 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

GET
H2 200 loading2.png
vidstat.taboola.com/assets/ 24 KB
24 KB 9ms
8ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/loading2.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
via: 1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront), 1.1 varnish
age: 1934053
x-amz-meta-mtime: 1498646328
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-length: 24300
x-served-by: cache-hhn11570-HHN
last-modified: Sun, 02 Jul 2017 14:25:04 GMT
server: AmazonS3
x-timer: S1614588954.237228,VS0,VE0
etag: "ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: *
x-amz-cf-id: G4P2bsVURwUd-6ftn_beps3mb7kmsffmK8YE2wwAUVs5--MeiZC6SQ==
x-cache-hits: 772204

GET
H2 200 replay-button.svg
vidstat.taboola.com/assets/ 1 KB
1 KB 10ms
9ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
via: 1.1 d79148f01e44f5598c15bdd5ce1c1997.cloudfront.net (CloudFront), 1.1 varnish
age: 1286915
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 701
x-served-by: cache-hhn11570-HHN
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1614588954.238059,VS0,VE0
etag: "e871e80b457ead7801d3bbe63b25c4fb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 9zE_eWDK4NC0Cf3n34DtvXZ4SmjGDoHgXgi77pm7LgxGlqrjH4P-Yw==
x-cache-hits: 389987

GET
H2 200 replay-button-hover.svg
vidstat.taboola.com/assets/ 1 KB
978 B 10ms
9ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button-hover.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront), 1.1 varnish
age: 2538846
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 709
x-served-by: cache-hhn11570-HHN
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1614588954.238025,VS0,VE0
etag: "ae0344bce724db935e4f7ba6573ee516"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: BvOIM6Ru-sj1Zuk8Pv4KwWWtNjjN_qkQBQVKUVBbjGSvlxOJWOiTWQ==
x-cache-hits: 706259

GET
H2 200 learn-more-button.svg
vidstat.taboola.com/assets/ 2 KB
935 B 10ms
9ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront), 1.1 varnish
age: 2522345
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 634
x-served-by: cache-hhn11570-HHN
last-modified: Wed, 13 Feb 2019 09:30:12 GMT
server: AmazonS3
x-timer: S1614588954.238008,VS0,VE0
etag: "3132e8c3bdd274efa7ce1531ec89580d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: oN72cAAVKwvn1GJ4MZDIQi3y4vHm--RqZWj9LNg2dBhXT141wINHrw==
x-cache-hits: 707450

GET
H2 200 learn-more-button-hover.svg
vidstat.taboola.com/assets/ 2 KB
959 B 9ms
8ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront), 1.1 varnish
age: 2492757
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 660
x-served-by: cache-hhn11570-HHN
last-modified: Wed, 13 Feb 2019 09:30:11 GMT
server: AmazonS3
x-timer: S1614588954.237983,VS0,VE0
etag: "b14888c73642ebc29c1451727eb1eb8a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: ZDqQ-5Xcpbcna9hH6Q_Y9h6blg6jnT4mc-LZJehSirPojNmToP3qjA==
x-cache-hits: 706350

GET
H2 200 c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 3 KB
2 KB 10ms
8ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding: gzip
etag: "11d8569a7da0739259e3ac0b0d666e94"
age: 114
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1502
x-amz-id-2: 0oSXcFX1nlsAErclonIcTjETlJLhoQHC57kTGd+akPlThnAJg0Cd73vs7+tuJ/saLoCPf3oh7dI=
x-served-by: cache-hhn11570-HHN
last-modified: Sun, 10 Jun 2018 13:23:55 GMT
server: AmazonS3
x-timer: S1614588954.239266,VS0,VE0
date: Mon, 01 Mar 2021 08:55:54 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 0C9AE7ADC5FE4D8A
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 66
x-cache-hits: 112

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ED75 8 KB
6 KB 22ms
17ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8293ddfb99a6d9aad9b50a07184ef40d2bbb4e2b1f0a0bbd6416f3dcc1fc8d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Mar 2021 08:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6558
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D10F 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6379854420851476&plah=www.correiodopovo.com.br&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 08:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Mon, 01 Mar 2021 08:55:54 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame C040 55 KB
21 KB 7ms
7ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS