www.correiodopovo.com.br Open in urlscan Pro
194.126.175.195 Public Scan

URL: https://recordtv.r7.com/genesis
Title: GÊNESIS

URL: https://recordtv.r7.com/ilha-record
Title: ILHA RECORD

URL: https://recordtv.r7.com/ilha-record/fichas/conheca-o-elenco-do-reality-show-ilha-record-02062021
Title: Participantes

URL: https://recordtv.r7.com/ilha-record/novidades
Title: Novidades

URL: https://recordtv.r7.com/ilha-record/novidades/fotos/faca-um-tour-pela-mansao-do-reality-ilha-record-19072021
Title: Tour pela Mansão

URL: https://recordtv.r7.com/ilha-record/sabrina-na-ilha
Title: Sabrina na Ilha

URL: https://recordtv.r7.com/ilha-record/cinco-perguntas-do-hudson
Title: 5 Perguntas do Hudson

URL: https://noticias.r7.com/saude/coronavirus
Title: CORONAVÍRUS

URL: https://noticias.r7.com/
Title: JR 24H

URL: https://noticias.r7.com/politica
Title: Política

URL: https://noticias.r7.com/economia
Title: Economia

URL: https://noticias.r7.com/economia/economize
Title: Economize

URL: https://noticias.r7.com/economia/imposto-de-renda
Title: Imposto de Renda

URL: https://noticias.r7.com/internacional
Title: Internacional

URL: https://noticias.r7.com/resumo-r7
Title: Resumo R7

URL: https://noticias.r7.com/tecnologia-e-ciencia
Title: Tecnologia & Ciência

URL: https://noticias.r7.com/saude
Title: Saúde

URL: https://noticias.r7.com/agronegocios
Title: Agronegócio

URL: https://noticias.r7.com/educacao
Title: Educação

URL: https://noticias.r7.com/educacao/r7-ensina
Title: R7 Ensina

URL: https://noticias.r7.com/hora-7
Title: Hora 7

URL: https://noticias.r7.com/carros
Title: Carros

URL: https://noticias.r7.com/concursos
Title: Concursos

URL: https://noticias.r7.com/cidades
Title: Cidades

URL: https://noticias.r7.com/brasil
Title: Brasil

URL: https://noticias.r7.com/sao-paulo
Title: São Paulo

URL: https://noticias.r7.com/distrito-federal
Title: Distrito Federal

URL: https://noticias.r7.com/rio-de-janeiro
Title: Rio de Janeiro

URL: https://noticias.r7.com/minas-gerais
Title: Minas Gerais

URL: https://noticias.r7.com/pernambuco
Title: Pernambuco

URL: https://monitor7.r7.com/
Title: MonitoR7

URL: https://entretenimento.r7.com/
Title: ENTRETENIMENTO

URL: https://entretenimento.r7.com/cinema-e-series
Title: Cinema e Séries

URL: https://www.estrelando.com.br/
Title: Estrelando

URL: https://entretenimento.r7.com/famosos-e-tv
Title: Famosos e TV

URL: https://entretenimento.r7.com/games
Title: Games

URL: https://entretenimento.r7.com/musica
Title: Música

URL: https://entretenimento.r7.com/musica/trilha-de-sexta-2
Title: Trilha de Sexta

URL: https://www.vagalume.com.br/
Title: Vagalume

URL: https://entretenimento.r7.com/viagens
Title: Viagens

URL: https://lifestyle.r7.com/
Title: LIFESTYLE

URL: https://lifestyle.r7.com/beleza
Title: Beleza

URL: https://lifestyle.r7.com/bem-estar
Title: Bem-Estar

URL: https://lifestyle.r7.com/bichos
Title: Bichos

URL: https://lifestyle.r7.com/casa-e-decoracao
Title: Casa e Decoração

URL: https://lifestyle.r7.com/comidas
Title: Comidas

URL: https://lifestyle.r7.com/dietas
Title: Dietas

URL: https://lifestyle.r7.com/filhos
Title: Filhos

URL: https://lifestyle.r7.com/moda
Title: Moda

URL: https://esportes.r7.com/
Title: ESPORTES

URL: https://esportes.r7.com/futebol/campeonato-carioca
Title: Carioca 2021

URL: https://esportes.r7.com/automobilismo/
Title: Automobilismo

URL: https://esportes.r7.com/e-sports
Title: e-Sports

URL: https://esportes.r7.com/olimpiadas
Title: Olimpíadas

URL: https://esportes.r7.com/fora-de-jogo
Title: Fora de Jogo

URL: https://esportes.r7.com/futebol
Title: Futebol

URL: https://esportes.r7.com/lance
Title: Lance

URL: https://esportes.r7.com/mais-esportes
Title: Mais Esportes

URL: https://prisma.r7.com/todos-os-blogs
Title: BLOGS

URL: https://noticias.r7.com/prisma/andre-azeredo
Title: André Azeredo

URL: https://noticias.r7.com/prisma/arquivo-vivo
Title: Arquivo Vivo

URL: https://noticias.r7.com/prisma/augusto-nunes
Title: Augusto Nunes

URL: https://noticias.r7.com/prisma/autos-carros
Title: Autos Carros

URL: https://noticias.r7.com/prisma/christina-lemos
Title: Christina Lemos

URL: https://noticias.r7.com/prisma/conversa-de-reporter
Title: Conversa de Repórter

URL: https://noticias.r7.com/prisma/cronicas-de-stoliar
Title: Crônicas do Stoliar

URL: https://noticias.r7.com/prisma/eduardo-olimpio
Title: Eduardo Olimpio

URL: https://noticias.r7.com/prisma/empreendendo-direito
Title: Empreendendo Direito

URL: https://noticias.r7.com/prisma/herodoto-barbeiro
Title: Heródoto Barbeiro

URL: https://noticias.r7.com/prisma/nosso-mundo
Title: Nosso Mundo

URL: https://noticias.r7.com/prisma/guto-ferreira
Title: Guto Ferreira

URL: https://noticias.r7.com/prisma/o-que-e-que-eu-faco-sophia
Title: O que é que eu faço, Sophia ?

URL: https://noticias.r7.com/prisma/r7-planalto
Title: R7 Planalto

URL: https://noticias.r7.com/prisma/refletindo-sobre-a-noticia-por-ana-carolina-cury
Title: Refletindo sobre a notícia

URL: https://noticias.r7.com/prisma/blog-do-nolasco
Title: Blog do Nolasco

URL: https://www.r7.com/tudo-do-r7/todos-os-blogs
Title: Todos os Blogs

URL: https://esportes.r7.com/prisma/cosme-rimoli
Title: Cosme Rímoli

URL: https://esportes.r7.com/prisma/lucas-pereira
Title: Lucas Pereira

URL: https://esportes.r7.com/prisma/silvio-lancellotti
Title: Sílvio Lancellotti

URL: https://esportes.r7.com/prisma/r7-so-esportes
Title: Só Esportes

URL: https://entretenimento.r7.com/prisma/apuracao-hq
Title: Apuração HQ

URL: https://entretenimento.r7.com/prisma/flavio-ricco
Title: Flavio Ricco

URL: https://entretenimento.r7.com/prisma/keila-jimenez
Title: Keila Jimenez

URL: https://entretenimento.r7.com/prisma/ligia-braslauskas-literatura
Title: Literatura

URL: https://entretenimento.r7.com/prisma/melhor-nao-ler
Title: Melhor Não Ler

URL: https://entretenimento.r7.com/prisma/odair-braz-jr
Title: Odair Braz Jr.

URL: https://entretenimento.r7.com/prisma/toque-toque
Title: Toque Toque

URL: https://entretenimento.r7.com/prisma/ziriguidum
Title: Ziriguidum

URL: https://lifestyle.r7.com/prisma/e-de-comer
Title: É de Comer

URL: https://lifestyle.r7.com/prisma/mao-de-vaca-com-estilo
Title: Mão de Vaca com Estilo

URL: https://lifestyle.r7.com/prisma/procura-se-cachorro
Title: Procura-se Cachorro

URL: https://recordtv.r7.com/
Title: RECORD TV

URL: https://recordtv.r7.com/programacao/
Title: Programação

URL: https://recordtv.r7.com/recordtv-emissoras
Title: Emissoras

URL: https://recordtv.r7.com/record-europa
Title: RecordTV Europa

URL: https://recordtv.r7.com/recordtv-interior-sp
Title: RecordTV Interior SP

URL: https://recordtv.r7.com/record-tv-litoral-e-vale
Title: RecordTV Litoral e Vale

URL: http://recordtv.r7.com/tv-digital/
Title: TV Digital

URL: https://recordtv.r7.com/videos
Title: Vídeos

URL: https://recordtv.r7.com/prova-de-amor
Title: Prova de Amor

URL: https://recordtv.r7.com/topissima
Title: Topíssima

URL: https://recordtv.r7.com/balanco-geral
Title: Balanço Geral

URL: https://recordtv.r7.com/balanco-geral-manha
Title: Balanço Geral Manhã

URL: http://brasilcaminhoneiro.com.br/
Title: Brasil Caminhoneiro

URL: https://recordtv.r7.com/camera-record
Title: Câmera Record

URL: https://recordtv.r7.com/cidade-alerta
Title: Cidade Alerta

URL: https://recordtv.r7.com/domingo-espetacular
Title: Domingo Espetacular

URL: https://recordtv.r7.com/esporte-fantastico
Title: Esporte Fantástico

URL: https://recordtv.r7.com/fala-brasil
Title: Fala Brasil

URL: https://recordtv.r7.com/o-hospital
Title: O Hospital

URL: https://noticias.r7.com/record-news
Title: Record News

URL: https://recordtv.r7.com/hoje-em-dia
Title: Hoje em Dia

URL: https://recordtv.r7.com/hora-do-faro
Title: Hora do Faro

URL: https://recordtv.r7.com/love-school-escola-amor/
Title: The Love School - Escola do Amor

URL: https://recordtv.r7.com/power-couple-brasil-5
Title: Power Couple Brasil 5

URL: https://www.playplus.com/
Title: PlayPlus

URL: https://podcasts.r7.com/
Title: Podcasts

URL: https://www.r7.com/cupons
Title: R7 Cupons

URL: https://estudio.r7.com/
Title: R7 Estúdio

URL: https://virtz.r7.com/
Title: R7 Virtz

URL: https://aclr.r7.com/
Title: ACLR

URL: https://videos.r7.com/
Title: Vídeos

URL: https://recordtv.r7.com/love-school-escola-amor/ao-vivo
Title: Love School

URL: https://videos.r7.com/universal
Title: Universal

URL: https://mundorecord.com.br/
Title: Mundo Record

URL: https://www.r7.com/apps
Title: R7 Apps

URL: https://trilhassonoras.r7.com/
Title: R7 Trilhas Sonoras

URL: https://recordtv.r7.com/studio-ad
Title: Studio AD

URL: https://www.ressoar.org.br/
Title: Ressoar

URL: https://recordtv.gupy.io/
Title: Carreira

URL: https://noticias.r7.com/acessibilidade/conheca-as-ferramentas-de-acessibilidade-disponiveis-no-r7com-10062020
Title: ACESSIBILIDADE

URL: http://leitor.correiodopovo.com.br/?tag=assinetopo
Title: Assine

URL: http://digital.correiodopovo.com.br/
Title: Entrar

URL: https://bellamais.correiodopovo.com.br/
Title: Bella Mais

URL: https://bellamais.correiodopovo.com.br/modabeleza
Title: Moda & Beleza

URL: https://bellamais.correiodopovo.com.br/estilo-de-vida
Title: Estilo de Vida

URL: https://bellamais.correiodopovo.com.br/relacionamentos
Title: Relacionamentos

URL: https://bellamais.correiodopovo.com.br/negociosefinancas
Title: Negócios & Finanças

URL: https://bellamais.correiodopovo.com.br/bemestar
Title: Bem-estar

URL: https://bellamais.correiodopovo.com.br/colunistas
Title: Colunistas

URL: https://portal.correiodopovo.com.br/Faleconosco/?FC=CONOSCO
Title: Trabalhe conosco

URL: https://portal.correiodopovo.com.br/politicadeprivacidade
Title: Política de Privacidade

URL: https://portal.correiodopovo.com.br/TermoeCondicoesdeUso
Title: Termos e condições de Uso

URL: https://portal.correiodopovo.com.br/faleconosco/?FC=ATENDIMENTO
Title: Atendimento ao assinante

URL: https://portal.correiodopovo.com.br/faleconosco/?FC=GERAL
Title: Fale com a Redação

URL: https://portal.correiodopovo.com.br/Publicidade/
Title: Soluções para seu negócio

URL: https://portal.correiodopovo.com.br/Publicidade/pdf/MIDIAKIT2021.pdf
Title: Mídia Kit

URL: https://portal.correiodopovo.com.br/Publicidade/pdf/TABELA_COMERCIAL_2021-v4.pdf
Title: Tabela Comercial

URL: https://digital.correiodopovo.com.br/
Title: Jornal Digital

URL: http://leitor.correiodopovo.com.br/
Title: Loja Correio do Povo

URL: https://portal.correiodopovo.com.br/Faleconosco/
Title: Atendimento ao assinante

URL: http://ejcj.cpovo.net/
Title: Portal Administrativo

URL: https://portal.correiodopovo.com.br/CPovo/SuporteTecnico/
Title: Provedor

URL: https://outlook.office.com/
Title: Webmail

URL: http://minhaconta.correiodopovo.com.br/
Title: Minha Conta

URL: https://guaiba.com.br/
Title: Rádio Guaíba

URL: https://www.recordtvrs.com.br/
Title: Tv Record RS

URL: https://www.linkedin.com/company/correio-do-povo/

URL: https://www.instagram.com/correiodopovo/

URL: https://www.facebook.com/CorreioDoPovo/

URL: https://www.youtube.com/channel/UCphn4Z4L2dGNoh7jz_99EOA

URL: https://twitter.com/correio_dopovo

URL: https://www.vicampo.ch/6-fl-montrale-rosso-salento-glaeser-ta-opc-p119598-c235?utm_source=Taboola&utm_medium=Recommendation+Ad&utm_campaign=6+Fl+Montrale+Rosso+Salento+Glaeser+7990CHF&utm_term=desktop&utm_content=3022429335_1176013&tblci=GiBboPBYI4jShe3EjHpb5k134uNfTt7ASGU4sWDrYijItSClmEIokJCDko-tyYC9AQ#tblciGiBboPBYI4jShe3EjHpb5k134uNfTt7ASGU4sWDrYijItSClmEIokJCDko-tyYC9AQ
Title: vicampo.ch

URL: https://prohearing.ch/hoergeraete-tester?utm_source=taboola&utm_medium=Desktop%20RON%20DE%20Schweiz%20Premium&TaboolaClickId=GiBboPBYI4jShe3EjHpb5k134uNfTt7ASGU4sWDrYijItSD8yEcov77oiO2J1L9G&tblci=GiBboPBYI4jShe3EjHpb5k134uNfTt7ASGU4sWDrYijItSD8yEcov77oiO2J1L9G#tblciGiBboPBYI4jShe3EjHpb5k134uNfTt7ASGU4sWDrYijItSD8yEcov77oiO2J1L9G
Title: PROHEARING

URL: https://cdn.hoergeraete.hoeren-heute.ch/horizon_reveal/?utm_content=3012066227&utm_publisher_ID=correiodopovo&mkt_tool_id=9142d2&utm_term=9142d2&act=ACT0000033663ACT&utm_source=taboola&utm_medium=display&utm_campaign=ch_de_hoe_display_taboola_ch_hh_horizon_reveal_acq_desktop_cw23_audibene-ch2-sc_ACT0000033663ACT&utm_creative_ID=3012066227&aud_adcopy=Bottmingen+jubelt%3A+Unsichtbares+H%C3%B6rsystem%2C+das+sich+jeder+leisten+kann%21&tbclid=GiBboPBYI4jShe3EjHpb5k134uNfTt7ASGU4sWDrYijItSCqkUYo7fWV8qqmmNgq#tblciGiBboPBYI4jShe3EjHpb5k134uNfTt7ASGU4sWDrYijItSCqkUYo7fWV8qqmmNgq
Title: Hören heute

URL: https://cdn.hoergeraete.hoeren-heute.ch/horizon_reveal/?utm_content=3021280266&utm_publisher_ID=correiodopovo&mkt_tool_id=937ec3&utm_term=937ec3&act=ACT0000033663ACT&utm_source=taboola&utm_medium=display&utm_campaign=ch_de_hoe_display_taboola_ch_hh_horizon_reveal_acq_desktop_cw23_audibene-ch2-sc_ACT0000033663ACT&utm_creative_ID=3021280266&aud_adcopy=Bottmingen%3A+Unsichtbares+H%C3%B6rsystem%2C+das+sich+jeder+leisten+kann%21&tbclid=GiBboPBYI4jShe3EjHpb5k134uNfTt7ASGU4sWDrYijItSCqkUYo5a2R1NnAj-l0#tblciGiBboPBYI4jShe3EjHpb5k134uNfTt7ASGU4sWDrYijItSCqkUYo5a2R1NnAj-l0
Title: Hören heute

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=correiodopovo&utm_medium=referral&utm_content=thumbnails-a:Mid%20Article%20Thumbnails:
Title: por taboola

URL: https://bellamais.correiodopovo.com.br/colunistas/sheilasampaio/lembrei-de-voc%C3%AA-1.676033
Title:

URL: https://bellamais.correiodopovo.com.br/relacionamentos/maternidade/gr%C3%A1vidas-com-covid-19-correm-mais-risco-de-desenvolver-pr%C3%A9-ecl%C3%A2mpsia-1.676006
Title: gravida

URL: https://bellamais.correiodopovo.com.br/negociosefinancas/empreendedorismo/coragem-para-mudar-de-carreira-conhe%C3%A7a-duas-mulheres-inspiradoras-1.674763
Title: mudança de carreira

URL: https://bellamais.correiodopovo.com.br/estilo-de-vida/casa/monocromia-na-decora%C3%A7%C3%A3o-%C3%A9-tend%C3%AAncia-saiba-como-aplicar-1.674925
Title: decoração

URL: https://bellamais.correiodopovo.com.br/negociosefinancas/direitos/malala-yousafzai-afirma-temer-por-minhas-irm%C3%A3s-afeg%C3%A3s-1.675285
Title: controle Taliba

URL: https://bellamais.correiodopovo.com.br/colunistas/lauragluer/poesia-no-centro-hist%C3%B3rico-e-solidariedade-promovendo-a-inclus%C3%A3o-1.675240
Title: Laura Gluer

URL: https://bellamais.correiodopovo.com.br/relacionamentos/amores/viol%C3%AAncia-psicol%C3%B3gica-agora-%C3%A9-crime-saiba-como-identificar-e-denunciar-1.674729
Title:

URL: https://bellamais.correiodopovo.com.br/negociosefinancas/direitos/confedera%C3%A7%C3%A3o-de-handebol-cria-comit%C3%AA-de-pol%C3%ADticas-para-mulheres-1.674823
Title: direitos

URL: https://bellamais.correiodopovo.com.br/bemestar/saude/entenda-o-que-s%C3%A3o-as-hepatites-virais-e-como-se-prevenir-1.673009
Title: hepatites

URL: https://www.youtube.com/CorreiodoPovoPlay
Title: CP Play

URL: https://popup.taboola.com/en
Title: Ad

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.correiodopovo.com.br.admin-mcas.ms/ Page URL
https://www.correiodopovo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 132

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1629390219072&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1629390219072&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F

Request Chain 344

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPF5F7G1_rtjLjdemPNkmjw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPF5F7G1_rtjLjdemPNkmjw&google_cver=1&C=1

Request Chain 345

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YR6FjTAM5HAh3rXDxQVYuAAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YR6FjTAM5HAh3rXDxQVYuAAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELkZkJ0HFoBChx-4toA4Uao&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELkZkJ0HFoBChx-4toA4Uao&google_cver=1&C=1

Request Chain 350

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPF5F7G1_rtjLjdemPNkmjw&google_cver=1

Request Chain 351

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YR6FjTAM5HAh3rXDxQVYuAAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YR6FjTAM5HAh3rXDxQVYuAAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHeaDn4BuruoywmFtdLtvo&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHeaDn4BuruoywmFtdLtvo&google_cver=1&C=1

Request Chain 357

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fb4f6367-b71d-42f6-b2c9-83ca50fb69aa

Request Chain 358

https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26&__user_check__=1&sync_id=d10fbb65-0109-11ec-8cfa-1384e0ef0506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=d114cba1-0109-11ec-8574-1e875f050506&orig=video&us_privacy=1---gdpr=0&

Request Chain 359

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=188&user_id=vlkSj2qsQZxVaLEjfyHSGLmcr20&user_group=1&ssp=taboola&gdpr=0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=188&user_id=vlkSj2qsQZxVaLEjfyHSGLmcr20&user_group=1&ssp=taboola&gdpr=0 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a83d627a-b30b-4664-8a63-40656a8144d5

Request Chain 365

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fb4f6367-b71d-42f6-b2c9-83ca50fb69aa

Request Chain 367

https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26&__user_check__=1&sync_id=d114cbd7-0109-11ec-8574-1e875f050506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=d114cba1-0109-11ec-8574-1e875f050506&orig=video&us_privacy=1---gdpr=0&

Request Chain 368

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=d63cc95a-53c6-470c-9953-dc672c5a3cea&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=352&user_id=97c4888f-0702-42d8-875a-4ffbb059b2df&expires=2&ssp=taboola&bsw_param=d63cc95a-53c6-470c-9953-dc672c5a3cea HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=352&user_id=97c4888f-0702-42d8-875a-4ffbb059b2df&expires=2&ssp=taboola&bsw_param=d63cc95a-53c6-470c-9953-dc672c5a3cea HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a83d627a-b30b-4664-8a63-40656a8144d5

Request Chain 369

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHaqVADr7fVEyVRO8bGMKmE&google_cver=1&google_push=AYg5qPIOxXAEL1I2tM0FaZValJnE75kVG6CFtPIUV1jqMZPTx1GZskjbhKjlIRpzagNrWyU1WlTvH-0y9eOtLOfjiRmH5sTLehCE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHaqVADr7fVEyVRO8bGMKmE&google_cver=1&google_push=AYg5qPIOxXAEL1I2tM0FaZValJnE75kVG6CFtPIUV1jqMZPTx1GZskjbhKjlIRpzagNrWyU1WlTvH-0y9eOtLOfjiRmH5sTLehCE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aFJ5Wm50U0kxTWdLUHI1&google_gid=CAESEHaqVADr7fVEyVRO8bGMKmE&google_cver=1&google_push=AYg5qPIOxXAEL1I2tM0FaZValJnE75kVG6CFtPIUV1jqMZPTx1GZskjbhKjlIRpzagNrWyU1WlTvH-0y9eOtLOfjiRmH5sTLehCE

Request Chain 370

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKt7KCvEdzxE56WWi4UEC_k&google_cver=1&google_push=AYg5qPJ1AHf9Gy7F2LgqukxBqyzXfkrSLoei1djOYJSNT8vKi7c50XOdV_3r-j_YT7HoujrWQvpaQbntVa_BIGAR2cWU7j5VAVQ0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKt7KCvEdzxE56WWi4UEC_k&google_push=AYg5qPJ1AHf9Gy7F2LgqukxBqyzXfkrSLoei1djOYJSNT8vKi7c50XOdV_3r-j_YT7HoujrWQvpaQbntVa_BIGAR2cWU7j5VAVQ0

Request Chain 372

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEPY6--mcbM0J5m_cuprdbrk&google_cver=1&google_push=AYg5qPIKEszXKalXN3FxY_7dW_cWSSMokw4Cu-Su7oRmQfzEhomLyR5Jm5-83k3dg8fTJg_ytcHTawPYL_QuhT5WXf62z5LTOeo9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0B7jUHU3TZl5si0-b56hW7mcr20&google_push=AYg5qPIKEszXKalXN3FxY_7dW_cWSSMokw4Cu-Su7oRmQfzEhomLyR5Jm5-83k3dg8fTJg_ytcHTawPYL_QuhT5WXf62z5LTOeo9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0B7jUHU3TZl5si0-b56hW7mcr20&google_push=AYg5qPIKEszXKalXN3FxY_7dW_cWSSMokw4Cu-Su7oRmQfzEhomLyR5Jm5-83k3dg8fTJg_ytcHTawPYL_QuhT5WXf62z5LTOeo9&google_tc=

Request Chain 373

https://cs.media.net/cksync?type=g&google_gid=CAESEAzdi1EmZtyh9lvuxfRoGfQ&google_cver=1&google_push=AYg5qPK0_iy6gbq-GtmQOIqH0scruULsLclq-ovn_1tRdtQZAaQADvjG8EU61YCYVTvD_6q_rWvLAazKT39p3m2aaihLUecTZX_4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjcyMzkxODIxNTM0ODUyMTAwMFYxMA%3d%3d&mn_hm=MjcyMzkxODIxNTM0ODUyMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPK0_iy6gbq-GtmQOIqH0scruULsLclq-ovn_1tRdtQZAaQADvjG8EU61YCYVTvD_6q_rWvLAazKT39p3m2aaihLUecTZX_4&gdpr=&gdpr_consent=

Request Chain 374

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBAvbb5536A64M_PrO4lnQ8&google_cver=1&google_push=AYg5qPLAv9kTbthHYUNIo_NAihI5qDjI5IwjVuat5ToHWv14XX50udpPv_7VPd3ReDuQ5PkWYBu7khE7CGrgqReAwJZIoneiz-Ii HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPLAv9kTbthHYUNIo_NAihI5qDjI5IwjVuat5ToHWv14XX50udpPv_7VPd3ReDuQ5PkWYBu7khE7CGrgqReAwJZIoneiz-Ii&google_hm=MTg0NTQ1NTQwNjE2MjAwNzg0NA%3D%3D

Request Chain 375

https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEA2DGNXCMOGF4_Be3qLTYzk&google_cver=1&google_push=AYg5qPL5u0F6zvtQXOzEnGXorAPya4DW-yY8fpIJ1vpjzi5oVrpUNeoN7CrSbUjMdbEC1AQbLd-LLy4TfpGd88sh5pnrIWBpPyBoqQ HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D66934c27-cf3a-4db9-90e0-d8029b0a3416%26google_push%3DAYg5qPL5u0F6zvtQXOzEnGXorAPya4DW-yY8fpIJ1vpjzi5oVrpUNeoN7CrSbUjMdbEC1AQbLd-LLy4TfpGd88sh5pnrIWBpPyBoqQ&ssp=googleban&exu=CAESEA2DGNXCMOGF4_Be3qLTYzk HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=66934c27-cf3a-4db9-90e0-d8029b0a3416&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D66934c27-cf3a-4db9-90e0-d8029b0a3416%26google_push%3DAYg5qPL5u0F6zvtQXOzEnGXorAPya4DW-yY8fpIJ1vpjzi5oVrpUNeoN7CrSbUjMdbEC1AQbLd-LLy4TfpGd88sh5pnrIWBpPyBoqQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=66934c27-cf3a-4db9-90e0-d8029b0a3416&google_push=AYg5qPL5u0F6zvtQXOzEnGXorAPya4DW-yY8fpIJ1vpjzi5oVrpUNeoN7CrSbUjMdbEC1AQbLd-LLy4TfpGd88sh5pnrIWBpPyBoqQ

Request Chain 379

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAs_jXBxyOdz2hkZiq8eMk4&google_cver=1&google_push=AYg5qPKIodJvtIw2TUc5KsLuBzi0aFflesZ0TQnbWLIXjHEdtbkUFW59GqBo8YZEdoVKVcyz-j43yQ3DAAz88rTgdk-2lYH8gHNi HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEAs_jXBxyOdz2hkZiq8eMk4&google_cver=1&google_push=AYg5qPKIodJvtIw2TUc5KsLuBzi0aFflesZ0TQnbWLIXjHEdtbkUFW59GqBo8YZEdoVKVcyz-j43yQ3DAAz88rTgdk-2lYH8gHNi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=bmrDO8SmQz2iL2Us5dKeUmEehY0

Request Chain 380

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKK98EIpKJ4JfwRx9cVwInM&google_cver=1&google_push=AYg5qPKaKZe7RTa73Rw3G3-d01bZKFKeEQIEMPrEKew1qV5XCyUPKXOy4YFRttMxQ5QDGKi2gRHmHkxx7ok2VieJdqLvucsgkqg6 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A7YFfGmBRlaGpoKA8Hrc0g2&google_push=AYg5qPKaKZe7RTa73Rw3G3-d01bZKFKeEQIEMPrEKew1qV5XCyUPKXOy4YFRttMxQ5QDGKi2gRHmHkxx7ok2VieJdqLvucsgkqg6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A7YFfGmBRlaGpoKA8Hrc0g2&google_push=AYg5qPKaKZe7RTa73Rw3G3-d01bZKFKeEQIEMPrEKew1qV5XCyUPKXOy4YFRttMxQ5QDGKi2gRHmHkxx7ok2VieJdqLvucsgkqg6&google_tc=

Request Chain 381

https://d5p.de17a.com/cookies/google?google_gid=CAESELjcdqcI_tsdOyN0qerXH2A&google_cver=1&google_push=AYg5qPL4XXdcGbceveqwWgBD_NfpeaJ1uq1H-IoQueI26gsBQMPBW8mWhlaAMHAcYCooe371z0T2qo6AgKtGJakUkp6JH5L1bknt HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESELjcdqcI_tsdOyN0qerXH2A&google_cver=1&google_push=AYg5qPL4XXdcGbceveqwWgBD_NfpeaJ1uq1H-IoQueI26gsBQMPBW8mWhlaAMHAcYCooe371z0T2qo6AgKtGJakUkp6JH5L1bknt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL4XXdcGbceveqwWgBD_NfpeaJ1uq1H-IoQueI26gsBQMPBW8mWhlaAMHAcYCooe371z0T2qo6AgKtGJakUkp6JH5L1bknt

Request Chain 382

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEPY6--mcbM0J5m_cuprdbrk&google_cver=1&google_push=AYg5qPJtplN5bdLgsVemcwuJMKW1JJnXNNsS49NuKNibeWmbGGzybEKcFDZZFXmTZ28wbbqGa81ntz_yxbHYajlWvCQ4b1as-d5y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8k1Fj-7iQB5xbF2vX299_rmcr20&google_push=AYg5qPJtplN5bdLgsVemcwuJMKW1JJnXNNsS49NuKNibeWmbGGzybEKcFDZZFXmTZ28wbbqGa81ntz_yxbHYajlWvCQ4b1as-d5y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8k1Fj-7iQB5xbF2vX299_rmcr20&google_push=AYg5qPJtplN5bdLgsVemcwuJMKW1JJnXNNsS49NuKNibeWmbGGzybEKcFDZZFXmTZ28wbbqGa81ntz_yxbHYajlWvCQ4b1as-d5y&google_tc=

Request Chain 383

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHvA0uHsH7Au2Saw-NxdPTE&google_cver=1&google_push=AYg5qPIcipwRtCwYxJ1xz5A10MI-YtLh0o2Fa03LEOJlF3yxQ7FqrrPaC92K2Bq7NJTQLOiNBRqa0jDbXQcf4oMkP60P_68rvWWneA HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHvA0uHsH7Au2Saw-NxdPTE&google_cver=1&google_push=AYg5qPIcipwRtCwYxJ1xz5A10MI-YtLh0o2Fa03LEOJlF3yxQ7FqrrPaC92K2Bq7NJTQLOiNBRqa0jDbXQcf4oMkP60P_68rvWWneA&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RcS5raDVWRTJ1SFdwbGtMV0QuaFBfRDhScVlpWnZPaH5B&google_push=AYg5qPIcipwRtCwYxJ1xz5A10MI-YtLh0o2Fa03LEOJlF3yxQ7FqrrPaC92K2Bq7NJTQLOiNBRqa0jDbXQcf4oMkP60P_68rvWWneA

Request Chain 385

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAgW__rU3UAowbxVd5frq0A&google_cver=1&google_push=AYg5qPIHiYU6I-Lz99IVprUl1jKoANfNEZ9OW2R4ra5uR-ZuYl5GB_qNJ97BAIJuxMzCKecgNKaOOHnw5GTepDgzN5IPGSqEOEY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIHiYU6I-Lz99IVprUl1jKoANfNEZ9OW2R4ra5uR-ZuYl5GB_qNJ97BAIJuxMzCKecgNKaOOHnw5GTepDgzN5IPGSqEOEY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAgW__rU3UAowbxVd5frq0A&google_cver=1&google_push=AYg5qPIHiYU6I-Lz99IVprUl1jKoANfNEZ9OW2R4ra5uR-ZuYl5GB_qNJ97BAIJuxMzCKecgNKaOOHnw5GTepDgzN5IPGSqEOEY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIHiYU6I-Lz99IVprUl1jKoANfNEZ9OW2R4ra5uR-ZuYl5GB_qNJ97BAIJuxMzCKecgNKaOOHnw5GTepDgzN5IPGSqEOEY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 386

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKt7KCvEdzxE56WWi4UEC_k&google_cver=1&google_push=AYg5qPJlx4ixSJKuagOz2zxMrdTmCI_UevbH1x_qhQwa7v6RwdEwZzCG30zv3UcpeSRx8geDQzroXvSNMm3XAn1jJSr7p6qsca-P HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKt7KCvEdzxE56WWi4UEC_k&google_push=AYg5qPJlx4ixSJKuagOz2zxMrdTmCI_UevbH1x_qhQwa7v6RwdEwZzCG30zv3UcpeSRx8geDQzroXvSNMm3XAn1jJSr7p6qsca-P

Request Chain 387

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEPzQGiA2c0_qA_DwwZ7t1GU&google_cver=1&google_push=AYg5qPLUrNsn_qYSg8MkjM95iYMgvSqa5USPx7k1lKWJLQznVKWd24oOxKvH6hPluqCc9pZXxQbcr_r7FOTBk_dJ3TqbQHw8AMTj HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEPzQGiA2c0_qA_DwwZ7t1GU&google_cver=1&google_push=AYg5qPLUrNsn_qYSg8MkjM95iYMgvSqa5USPx7k1lKWJLQznVKWd24oOxKvH6hPluqCc9pZXxQbcr_r7FOTBk_dJ3TqbQHw8AMTj&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=droPOLmxWl4qjXJkqjJlUQ&google_push=AYg5qPLUrNsn_qYSg8MkjM95iYMgvSqa5USPx7k1lKWJLQznVKWd24oOxKvH6hPluqCc9pZXxQbcr_r7FOTBk_dJ3TqbQHw8AMTj

Request Chain 389

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO1jItkJ3bCrs_Z43vwy6C0&google_cver=1&google_push=AYg5qPKp4x1Z9bUcQlbGWjoLi_k6aWvTgKsDnM0GOktOk4eERqs_ZFw1C5S6dmILi_-DFtQoTPqBC-Pj4Rkuetz79kjy_9qrJ1hp HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKp4x1Z9bUcQlbGWjoLi_k6aWvTgKsDnM0GOktOk4eERqs_ZFw1C5S6dmILi_-DFtQoTPqBC-Pj4Rkuetz79kjy_9qrJ1hp&google_gid=CAESEO1jItkJ3bCrs_Z43vwy6C0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE2MzY4MzMzNTUyNzM2MTY2NQ%3D%3D&google_push=AYg5qPKp4x1Z9bUcQlbGWjoLi_k6aWvTgKsDnM0GOktOk4eERqs_ZFw1C5S6dmILi_-DFtQoTPqBC-Pj4Rkuetz79kjy_9qrJ1hp

Request Chain 390

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBAvbb5536A64M_PrO4lnQ8&google_cver=1&google_push=AYg5qPJbJCbTvOsrHDE5S5tk-YhFegQ6A5eAEw9a7cguR_nbAaylCEKWH9PoVkzXPPp0BvuwN9EnJqCKD8NPCNpGebjxz-8EapX4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJbJCbTvOsrHDE5S5tk-YhFegQ6A5eAEw9a7cguR_nbAaylCEKWH9PoVkzXPPp0BvuwN9EnJqCKD8NPCNpGebjxz-8EapX4&google_hm=ODEwMTU0MTIyOTQ5Mjk4MzYyNw%3D%3D

Request Chain 429

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KSJ4VA2E-I-HBRL

Request Chain 430

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEE8LAurPreM_kkQBAIfIiCk&google_cver=1

Request Chain 432

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3cc5bb19-017b-4231-ae76-3c47bda66983-tuct8180b0f

Request Chain 433

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=98e16544-42f2-4e8e-8620-c7045dca57d6

Request Chain 434

https://ce.lijit.com/merge?pid=42&3pid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 438

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4c4e07d8-10dd-4e36-b5a4-e5ef79a43b7c

Request Chain 439

https://id5-sync.com/s/464/9.gif?puid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOtPizUFHOgatl4Z6p8bYgWmFtSA3z5Z1mynfFKA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOtPizUFHOgatl4Z6p8bYgWmFtSA3z5Z1mynfFKA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=7fee0588-ad80-4f30-b69c-5e820f07f8e7&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F5%2F3.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F5%2F3.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F5%2F3.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/464/146/5/3.gif?puid=&gdpr=1&gdpr_consent=

Request Chain 440

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=c41d19b3-19ed-41ce-9b65-6958004c2e10&ssp=taboola&user_group=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=366&expires=14&user_id=c41d19b3-19ed-41ce-9b65-6958004c2e10&ssp=taboola&user_group=1 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=3a893c40-5bd6-4137-8c4a-b01daa506bbd

Request Chain 441

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9243ad04-4b6f-4b2f-8a29-42f06af4f72e HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9243ad04-4b6f-4b2f-8a29-42f06af4f72e&tbid=3a55ff0e-9330-4e1b-9e34-952a614d5b8f-tuct8180b0e&query=taboola_hm%3D9243ad04-4b6f-4b2f-8a29-42f06af4f72e&isDirect=0

Request Chain 442

https://u.openx.net/w/1.0/sd?id=543998486&val=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&gdpr=0&gdpr_consent= HTTP 302
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&gdpr=0&gdpr_consent=

Request Chain 444

https://eb2.3lift.com/xuid?mid=7772&xuid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&dongle=tbla HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=

Request Chain 451

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

Request Chain 452

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

Request Chain 519

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=939fcae7-8f9d-4693-bd28-fadbb3e1057d

Request Chain 522

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

Request Chain 525

https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1

Request Chain 534

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=39e8c9ed1ac2a3ceac1782c2851285cc&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g074_6998177733092735120 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MzllOGM5ZWQxYWMyYTNjZWFjMTc4MmMyODUxMjg1Y2M=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHGJ7tLrwLeK29-Q7abqS7w&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=939fcae7-8f9d-4693-bd28-fadbb3e1057d HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/39e8c9ed1ac2a3ceac1782c2851285cc&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-vLdHrUxE2oMreo2FNr6qc0hz1dUUN86LblXlfJVu~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8924832106922946643 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=18ad611e-8592-4600-b7d9-fa1b77c29b54&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=DtmFjQXQ1MgKPx5&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAELfk7CPQsAAClEEMn3kA&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0

Request Chain 537

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=39e8c9ed1ac2a3ceac1782c2851285cc&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g066_6998177733092764264 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MzllOGM5ZWQxYWMyYTNjZWFjMTc4MmMyODUxMjg1Y2M=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHGJ7tLrwLeK29-Q7abqS7w&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=939fcae7-8f9d-4693-bd28-fadbb3e1057d HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/39e8c9ed1ac2a3ceac1782c2851285cc&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-vLdHrUxE2oMreo2FNr6qc0hz1dUUN86LblXlfJVu~A HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=2671785039793296693 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=18ad611e-8592-4600-b7d9-fa1b77c29b54&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AABLu07CPQsAACNWInHVfg&gdpr=0 HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YR6FkgADocr7NwBg&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0

Request Chain 538

https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1--- HTTP 302
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KSJ4VD6E-18-G9NR&gdpr=0&us_privacy=1---

Request Chain 539

https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1--- HTTP 302
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KSJ4VD6E-18-G9NR&gdpr=0&us_privacy=1---

Request Chain 540

https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1--- HTTP 302
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KSJ4VD6E-18-G9NR&gdpr=0&us_privacy=1---

Request Chain 545

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzllOGM5ZWQxYWMyYTNjZWFjMTc4MmMyODUxMjg1Y2M=&gdpr=0&gdpr_consent=

Request Chain 546

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=39e8c9ed1ac2a3ceac1782c2851285cc&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 548

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&us_privacy=1--- HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&us_privacy=1---&_test=YR6FkgADocr7NwBg HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YR6FkgADocr7NwBg&gdpr=0&us_privacy=1---&_test=YR6FkgADocr7NwBg

Request Chain 549

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/ERsCQePKMFTk5zL0_kJgvMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8753158829914487610

Request Chain 550

https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSJ4VD6E-18-G9NR&sigv=1&esig=2~2dc9a6fc49d78c6bdeef29a39f4ec90630f6196e&gdpr=0&us_privacy=1---

Request Chain 551

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGJkY2NjNjRmOTFkNzYyMTI0MWU3MTg4ODY1Y2JiNDFjYzZkMmM3Zg&gdpr=0&us_privacy=1---

Request Chain 552

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=18ad611e-8592-4600-b7d9-fa1b77c29b54&gdpr=0&gdpr_consent=

Request Chain 554

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=0&us_privacy=1---&google_tc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMV_NS9BH3Po_W_XcPcCl24&google_cver=1

Request Chain 556

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzllOGM5ZWQxYWMyYTNjZWFjMTc4MmMyODUxMjg1Y2M=&gdpr=0&gdpr_consent=

Request Chain 558

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=39e8c9ed1ac2a3ceac1782c2851285cc&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 571

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YR6FlVy00RDjDhSBGKXIxAAABGcAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAS-y0o6j5-ffIq3wBJqHRo&google_cver=1

Request Chain 572

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YR6FlVy00RDjDhSBGKXIxAAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YR6FlVy00RDjDhSBGKXIxAAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJC8VCLiQkfw5qx8Wp5D4y4&google_cver=1

Request Chain 573

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YR6FlVy00RDjDhSBGKXIxAAABGcAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YR6FlVy00RDjDhSBGKXIxAAABGcAAAAB&dcc=t

Request Chain 575

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YR6FlVy00RDjDhSBGKXIxAAA%261127?gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YR6FlVy00RDjDhSBGKXIxAAA%261127

Request Chain 576

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=DtmFjQXQ1MgKPx5

Request Chain 577

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3503383453133841208

Request Chain 578

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6826766291056294224&uid=Q6826766291056294224&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 580

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 585

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=KSJ4VFXK-U-4IOA

Request Chain 626

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm=&google_ula=862479430&google_tc= HTTP 302
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMrtME4JqJws20ixzAOVWWM&google_cver=1&google_ula=862479430,0

Request Chain 635

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=c727a279cab353b8ac6c382cbe74a2&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g023_6998177754567769403 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YzcyN2EyNzljYWIzNTNiOGFjNmMzODJjYmU3NGEy&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_hm=YzcyN2EyNzljYWIzNTNiOGFjNmMzODJjYmU3NGEy&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEM_XEzJp37XWDbuSCJviHRs&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=c06e0588-217b-403b-b447-bba1d5e85ca3 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1102610437234881370 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/c727a279cab353b8ac6c382cbe74a2&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-RgZivnhE2oOLTYRVAZ0k5pxSvo0Xhl7MQvkiysfS~A HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=4251611e-8598-4b00-8c73-6127e09feb5e&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=

Request Chain 639

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzcyN2EyNzljYWIzNTNiOGFjNmMzODJjYmU3NGEy&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzcyN2EyNzljYWIzNTNiOGFjNmMzODJjYmU3NGEy&gdpr=0&gdpr_consent=&google_tc=

Request Chain 641

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=c727a279cab353b8ac6c382cbe74a2&ex=freewheel.tv&gdpr=0&gdpr_consent=

639 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.correiodopovo.com.br.admin-mcas.ms/ 1 KB
840 B 209ms
27ms Document
text/html 51.105.164.234
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.105.164.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

fbf5e48342d24dbec009b2d3800d954d3e31cafd01bea10fabc8d29d70eb8afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.correiodopovo.com.br.admin-mcas.ms
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
date: Thu, 19 Aug 2021 16:23:38 GMT
x-mcas-request-id: 8b7428ea2f75e24235dc9dd5e9e37503
strict-transport-security: max-age=31536000
expires: Mon, 01-Jan-1990 00:00:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-mcas-upstream-time: n/a
x-mcas-processing-time: 2
content-encoding: gzip
x-mcas-cache-status: MISS

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.4.17/js/ 5 KB
5 KB 62ms
7ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.4.17/js/session-context-store-helper.min.js
Requested by: Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b

Request headers

Referer: https://www.correiodopovo.com.br.admin-mcas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 19 Aug 2021 16:23:38 GMT
last-modified: Thu, 19 Aug 2021 06:31:45 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: PLOXavfa2pddds7xHBr81w==
etag: 0x8D962DB03F97E67
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d7192f5e-401e-0019-4dd3-9478bc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31507429
x-ms-version: 2009-09-19
content-length: 5084

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/1.4.17/html/ Frame 8BF0 281 B
729 B 7ms
6ms Document
text/html 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.4.17/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.correiodopovo.com.br%2F
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.4.17/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6

Request headers

:method: GET
:authority: mcasproxy.azureedge.net
:scheme: https
:path: /proxyweb/1.4.17/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.correiodopovo.com.br%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br.admin-mcas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br.admin-mcas.ms/

Response headers

content-length: 281
content-type: text/html
content-md5: vDuuGHIdcY/gQtnraxH9qw==
last-modified: Thu, 19 Aug 2021 06:32:25 GMT
etag: 0x8D962DB1BC43831
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 52426808-701e-011e-09d4-94c86c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31507475
date: Thu, 19 Aug 2021 16:23:38 GMT

GET
H2 200 session-context-restore.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.4.17/js/ Frame 8BF0 36 KB
36 KB 7ms
7ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.4.17/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.4.17/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.correiodopovo.com.br%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 84631de0bca7e12b1b542849e146044afb360af10af6ae4f5d90ec534e017734

Request headers

Referer: https://mcasproxy.azureedge.net/proxyweb/1.4.17/html/session-context-restore.html?action=store&contextData=https%3A%2F%2Fwww.correiodopovo.com.br%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 19 Aug 2021 16:23:38 GMT
last-modified: Thu, 19 Aug 2021 06:31:45 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: d0ja3c44qO7D3vm2nqObfQ==
etag: 0x8D962DB04148547
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0a4e61dc-c01e-0065-1dd4-94e589000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31507478
x-ms-version: 2009-09-19
content-length: 36521

GET
H2 200 Primary Request / Show response
www.correiodopovo.com.br/ 303 KB
49 KB 92ms
30ms Document
text/html 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 535212db8ba3904f7abf27c9643d859733cbfc5d91b135adb8e7a51dbc5f89e4

Request headers

:method: GET
:authority: www.correiodopovo.com.br
:scheme: https
:path: /?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.correiodopovo.com.br.admin-mcas.ms/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br.admin-mcas.ms/

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-type: text/html;charset=utf-8
content-length: 49938
vary: Accept-Encoding
server: nginx/1.12.2
cache-control: max-age=240
expires: Thu, 19 Aug 2021 16:27:38 GMT
x-cacheable: YES
x-cache-rule: YES with ttl: 60.000 /
content-encoding: gzip
age: 28
x-cache: HIT
v: 5
accept-ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
711 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d4d5938790a19395ff613bd5af478c384caf7926f23094297331936ace2e492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 16:23:38 GMT
server: ESF
date: Thu, 19 Aug 2021 16:23:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 16:23:38 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 72 KB
25 KB 517ms
456ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f29c50338b0b58d6e8ab940a5ce699b7531b92060823d97cb2188d9bfa6c1b15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "963 / 135 of 1000 / last-modified: 1629385033"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25304
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 43ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

176b638c389c39c6a3eb3ad45cb22f33d0519aea04a25457e1cbf5fcabb76020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49828
x-xss-protection: 0
server: cafe
etag: 18431015219193138647
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 16:23:38 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1320/ 72 KB
24 KB 130ms
39ms Script
application/javascript 2.16.186.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1320/smart.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-113.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 932ab8a90ec8ec68042753902c29be406b517874bad3d2ca01fa75d7fb76ca24

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 24696
Expires: Thu, 19 Aug 2021 16:38:38 GMT

GET
H/1.1 200
OK smart.prebid.js Show response
tagmanager.smartadserver.com/1320/71754/ 15 KB
4 KB 142ms
52ms Script
application/javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: ff7835dd23219873216e3c692791c3a12f16456bd5e4e31dfeee42af427ce6a5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Jul 2021 11:34:09 GMT
Server: Apache/2.4.25 (Debian)
ETag: "3af2-5c672ccdfd6ef-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3906

GET
H2 200 css
fonts.googleapis.com/ 2 KB
632 B 25ms
12ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 14:33:38 GMT
server: ESF
date: Thu, 19 Aug 2021 16:23:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 16:23:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
981 B 26ms
12ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300italic,400italic,700italic,400,700,300

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c34906f621bed08d975d42900c107ad05e7633d06ecb202739f5a9a99af910f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 16:15:23 GMT
server: ESF
date: Thu, 19 Aug 2021 16:23:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 16:23:38 GMT

GET
H2 200 bootstrap.min.css
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/ 107 KB
18 KB 44ms
27ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Request headers

:path: /polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
last-modified: Fri, 01 Mar 2019 17:19:18 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18137
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 belamais.css
www.correiodopovo.com.br/polopoly_fs/3.232526.1615315562!/ 27 KB
5 KB 45ms
28ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.232526.1615315562!/belamais.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: eca965f18f3bf501516fd5bdd7343363c6c8d002531d573a7461ad3281a27aa8

Request headers

:path: /polopoly_fs/3.232526.1615315562!/belamais.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.232526.1615315562!/belamais.css
last-modified: Tue, 09 Mar 2021 18:46:03 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/ 146 B
365 B 45ms
29ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 74f8bb668af45bc33e9009c79f96d20f72b101b6aa2e54367ca1d57fee38376a

Request headers

:path: /polopoly_fs/3.194.1594145527!/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.194.1594145527!/style.css
last-modified: Tue, 07 Jul 2020 18:12:08 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/ 865 B
639 B 45ms
29ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 65b19a5808c1a1d2593655c2b3c39ea52db2d0daa2a7cb3fbad3c2f71bef370b

Request headers

:path: /polopoly_fs/3.302.1615315537!/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.302.1615315537!/style.css
last-modified: Tue, 09 Mar 2021 18:45:37 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 comments.css
www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/ 310 B
471 B 43ms
25ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/comments.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: be3ec5f1725890958c7ef75833b5fcaf41aa692812557006dec25f664b77ce33

Request headers

:path: /polopoly_fs/3.259.1551461019!/comments.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.259.1551461019!/comments.css
last-modified: Fri, 01 Mar 2019 17:23:40 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 197
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 video-js.css
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 13 KB
3 KB 43ms
25ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video-js.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: a51d30b532fd6d11b67754b83e3af505df5fdc961fbbbe801afaa86e93841bab

Request headers

:path: /polopoly_fs/3.256.1551461012!/video-js.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video-js.css
last-modified: Fri, 01 Mar 2019 17:23:33 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 video.css
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 561 B
611 B 43ms
26ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 9639244213f83b30ccdc150e7b592be27b96d2d5eb06ce4753ad449ee4845a2c

Request headers

:path: /polopoly_fs/3.256.1551461012!/video.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video.css
last-modified: Fri, 01 Mar 2019 17:23:33 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 339
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.237.1615315513!/ 2 KB
741 B 44ms
26ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.237.1615315513!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: c9996338cf56895fe00f9ce9bd9733fbc484e636442a6c6917ee959cad2bcf85

Request headers

:path: /polopoly_fs/3.237.1615315513!/MainElement.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.237.1615315513!/MainElement.css
last-modified: Tue, 09 Mar 2021 18:45:13 GMT
server: nginx/1.12.2
age: 24
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 463
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.234.1615315510!/ 39 B
336 B 44ms
27ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.234.1615315510!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 3c550cc6106b84782b282835ee72face4e1d2e527a895493d5aa0a47359fe63b

Request headers

:path: /polopoly_fs/3.234.1615315510!/MainElement.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.234.1615315510!/MainElement.css
last-modified: Tue, 09 Mar 2021 18:45:11 GMT
server: nginx/1.12.2
age: 25
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 59
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/ 38 B
314 B 44ms
28ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 492253d2d2da0bebbef019e63d904ddb0b096f5a037c781a7cfda22c2332f692

Request headers

:path: /polopoly_fs/3.231.1615315500!/MainElement.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/MainElement.css
last-modified: Tue, 09 Mar 2021 18:45:06 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 tags.carousel.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 5 KB
2 KB 44ms
28ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/tags.carousel.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 0cfd7a9f5b0e61c7667f3a157f90e0f4d7b8b0f8f4bee90d224899140030cda0

Request headers

:path: /polopoly_fs/3.231.1615315500!/css/tags.carousel.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/tags.carousel.css
last-modified: Tue, 09 Mar 2021 18:45:01 GMT
server: nginx/1.12.2
age: 39
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1388
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 tags.theme.default.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 1 KB
849 B 44ms
28ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/tags.theme.default.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: aaad17d860310d83cdb8c7cfc336143de3f08ea3c34ced5d880bd6c666247ebc

Request headers

:path: /polopoly_fs/3.231.1615315500!/css/tags.theme.default.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/tags.theme.default.css
last-modified: Tue, 09 Mar 2021 18:45:01 GMT
server: nginx/1.12.2
age: 39
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 564
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 owl.carousel.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 5 KB
1 KB 44ms
29ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/owl.carousel.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 8dd2b33486d15e920d6c71a134be819cb5559c83d45e0016e52f7c9f8dc718e1

Request headers

:path: /polopoly_fs/3.231.1615315500!/css/owl.carousel.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/owl.carousel.css
last-modified: Tue, 09 Mar 2021 18:45:01 GMT
server: nginx/1.12.2
age: 39
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1096
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 owl.theme.default.css
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/ 3 KB
1 KB 45ms
29ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/css/owl.theme.default.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 4e369635987f4ee1f4bad20a4c30a6eeb4fc2afe3f185fa9f6a8ecb2c5131457

Request headers

:path: /polopoly_fs/3.231.1615315500!/css/owl.theme.default.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/css/owl.theme.default.css
last-modified: Tue, 09 Mar 2021 18:45:01 GMT
server: nginx/1.12.2
age: 39
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 902
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 social-auth.css
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 46 B
322 B 45ms
29ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/social-auth.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 2f18363fdebecf3ebd553e917a0048fd4644f33250cb98a12be9cf4597ea3919

Request headers

:path: /polopoly_fs/3.212.1615315469!/social-auth.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.212.1615315469!/social-auth.css
last-modified: Tue, 09 Mar 2021 18:44:30 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 bootstrap-social.css
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 20 KB
3 KB 65ms
49ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/bootstrap-social.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 544fed9092e26545359b1586b76bcca554329ecfc5f204beaf06bfa4fa6fd2fa

Request headers

:path: /polopoly_fs/3.212.1615315469!/bootstrap-social.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.212.1615315469!/bootstrap-social.css
last-modified: Tue, 09 Mar 2021 18:44:29 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 fotorama.css
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/ 15 KB
3 KB 66ms
50ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/fotorama.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68

Request headers

:path: /polopoly_fs/3.203.1615315462!/css/fotorama.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.203.1615315462!/css/fotorama.css
last-modified: Tue, 09 Mar 2021 18:44:22 GMT
server: nginx/1.12.2
age: 2
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2844
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 fotorama-custom.css
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/ 738 B
583 B 66ms
50ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/css/fotorama-custom.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: a3226ebe4e39bc1ddcc45093d268ce2fb898cd9d27ed7e75100a97602229169a

Request headers

:path: /polopoly_fs/3.203.1615315462!/css/fotorama-custom.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.203.1615315462!/css/fotorama-custom.css
last-modified: Tue, 09 Mar 2021 18:44:22 GMT
server: nginx/1.12.2
age: 2
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 302
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 SearchElement.css
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 1 KB
746 B 66ms
51ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/SearchElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 2f42b3a57c656fe308f398180a400f6b7f687e8396b9e1adabd83e67e7143968

Request headers

:path: /polopoly_fs/3.200.1615315459!/SearchElement.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.200.1615315459!/SearchElement.css
last-modified: Tue, 09 Mar 2021 18:44:19 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/ 909 B
626 B 66ms
51ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 3923e7c182008b2e667b295342b146adace165e25a8993e73e8688288968ac1f

Request headers

:path: /polopoly_fs/3.197.1615315455!/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.197.1615315455!/style.css
last-modified: Tue, 09 Mar 2021 18:44:15 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.184.1615315445!/ 110 B
384 B 67ms
51ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.184.1615315445!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 62e8401c97fb76307bac29e33631c8775c9b9e15d7506ca0bda87fff66452420

Request headers

:path: /polopoly_fs/3.184.1615315445!/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.184.1615315445!/style.css
last-modified: Tue, 09 Mar 2021 18:44:06 GMT
server: nginx/1.12.2
age: 18
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 111
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.178.1615315437!/ 857 B
551 B 67ms
52ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.178.1615315437!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: c65dc23c9b6d7bdf0633746c5c48ab5fab0074c5087cfb6f2a814a426fd62273

Request headers

:path: /polopoly_fs/3.178.1615315437!/MainElement.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.178.1615315437!/MainElement.css
last-modified: Tue, 09 Mar 2021 18:43:57 GMT
server: nginx/1.12.2
age: 32
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 273
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.175.1615315435!/ 456 B
492 B 67ms
52ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.175.1615315435!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: fb66d50466654410ed1aba9e24bb40f3e64594968136cfc472c1afd1eb180dba

Request headers

:path: /polopoly_fs/3.175.1615315435!/MainElement.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.175.1615315435!/MainElement.css
last-modified: Tue, 09 Mar 2021 18:43:55 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 font-awesome.min.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/ 20 KB
5 KB 67ms
53ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Request headers

:path: /polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
last-modified: Tue, 09 Mar 2021 18:43:42 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 fontscorreio.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/ 398 B
401 B 67ms
53ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 57214cdcf15665a435ed82c94b38f24c078b11949eb3a706ad8ae67a3318be5a

Request headers

:path: /polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
last-modified: Tue, 09 Mar 2021 18:43:43 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 fontsbelamais.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontsbelamais/css/ 244 B
431 B 68ms
53ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontsbelamais/css/fontsbelamais.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 38c8cf532fa433d258c72dc8b5df1c1497720980a953c1072ec8538006fe79df

Request headers

:path: /polopoly_fs/3.163.1615315420!/fontsbelamais/css/fontsbelamais.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontsbelamais/css/fontsbelamais.css
last-modified: Tue, 09 Mar 2021 18:43:44 GMT
server: nginx/1.12.2
age: 42
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 140
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 stylenovo.css
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/ 46 KB
9 KB 68ms
54ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/stylenovo.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 8de1758d33f2f42d6812a8c146fd5c785b12e4d071ecab06b9b05848072bb850

Request headers

:path: /polopoly_fs/3.163.1615315420!/stylenovo.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/stylenovo.css
last-modified: Tue, 09 Mar 2021 18:43:45 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 style.css
www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/ 140 B
375 B 68ms
55ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/style.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: e0a652a1bd36b70149fa3c6fdb4bd8641593273e261f2c43ae5e5309fa98bd56

Request headers

:path: /polopoly_fs/3.153.1615315412!/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.153.1615315412!/style.css
last-modified: Tue, 09 Mar 2021 18:43:32 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/css
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 MainElement.css
www.correiodopovo.com.br/polopoly_fs/3.150.1615315409!/ 470 B
539 B 69ms
55ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.150.1615315409!/MainElement.css
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 923c7bc114115535d3859aa2a1ab45e35c6a674d7b221d6cb3b3520f6550d053

Request headers

:path: /polopoly_fs/3.150.1615315409!/MainElement.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.150.1615315409!/MainElement.css
last-modified: Tue, 09 Mar 2021 18:43:29 GMT
server: nginx/1.12.2
age: 54
x-cache: HIT
content-type: text/css
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 261
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 autotrack.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/ 25 KB
7 KB 72ms
58ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/autotrack.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: deaa8c25f96a0b2b3f348a5f55da84b402621e4a4be31baeb56ba3de133c99d6

Request headers

:path: /polopoly_fs/3.137.1615315402!/autotrack.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.137.1615315402!/autotrack.min.js
last-modified: Tue, 09 Mar 2021 18:43:24 GMT
server: nginx/1.12.2
age: 62
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7269
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 jquery.cookie.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/ 1 KB
1 KB 72ms
58ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.137.1615315402!/jquery.cookie.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f

Request headers

:path: /polopoly_fs/3.137.1615315402!/jquery.cookie.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.137.1615315402!/jquery.cookie.min.js
last-modified: Tue, 09 Mar 2021 18:43:24 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/ 94 KB
33 KB 72ms
59ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

:path: /polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
last-modified: Fri, 01 Mar 2019 17:19:16 GMT
server: nginx/1.12.2
age: 39
vary: User-Agent
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33417
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H3-29

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

19ms
10ms

Script
text/javascript

2a03:2880:f22d:e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 04:32:22 GMT
content-encoding: br
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-length: 4824
priority: u=3,i

Redirect headers

date: Thu, 19 Aug 2021 16:23:38 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: cln
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 styles-b-7.22686
www.correiodopovo.com.br/cmlink/ 320 B
526 B 68ms
55ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/styles-b-7.22686
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: fc9448e4f6cabc6d0a353762496374b5d9b89e4fd6c0fbdb512fd11ccc63317d

Request headers

:path: /cmlink/styles-b-7.22686
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /cmlink/styles-b-7.22686
last-modified: Mon, 16 Aug 2021 15:22:55 GMT
server: nginx/1.12.2
age: 54
x-cacheable: YES
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=240
accept-ranges: bytes
content-length: 231
expires: Thu, 19 Aug 2021 16:27:38 GMT

GET
H2 200 ilimpiadas-7.22631
www.correiodopovo.com.br/cmlink/ 557 B
593 B 68ms
56ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/ilimpiadas-7.22631
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 5b185e5a7f143163b019160fec2f16566f16c7c4f1bdc416ebf50b0484d54879

Request headers

:path: /cmlink/ilimpiadas-7.22631
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /cmlink/ilimpiadas-7.22631
last-modified: Thu, 22 Jul 2021 13:00:04 GMT
server: nginx/1.12.2
age: 13
x-cacheable: YES
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=240
accept-ranges: bytes
content-length: 297
expires: Thu, 19 Aug 2021 16:27:38 GMT

GET
H2 200 removetemperatura-7.22567
www.correiodopovo.com.br/cmlink/ 193 B
480 B 68ms
56ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/removetemperatura-7.22567
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 5019e97c0311217cc34571bcac8cdf91a781a1e10f63e8ee987a0ba46442c9cd

Request headers

:path: /cmlink/removetemperatura-7.22567
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /cmlink/removetemperatura-7.22567
last-modified: Tue, 29 Jun 2021 13:35:06 GMT
server: nginx/1.12.2
age: 18
x-cacheable: YES
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=240
accept-ranges: bytes
content-length: 179
expires: Thu, 19 Aug 2021 16:27:38 GMT

GET
H2 200 vacinometro-7.22513
www.correiodopovo.com.br/cmlink/ 158 B
453 B 68ms
56ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/vacinometro-7.22513
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 4a0ba512f1ad1dd3636aabbb0d18012f55febe82f71632e2cbf93094e403d067

Request headers

:path: /cmlink/vacinometro-7.22513
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /cmlink/vacinometro-7.22513
last-modified: Wed, 02 Jun 2021 20:02:03 GMT
server: nginx/1.12.2
age: 19
x-cacheable: YES
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=240
accept-ranges: bytes
content-length: 156
expires: Thu, 19 Aug 2021 16:27:38 GMT

GET
H2 200 patrocinio-topo-7.22393
www.correiodopovo.com.br/cmlink/ 581 B
602 B 69ms
57ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/patrocinio-topo-7.22393
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: f9b29e7257cfb5e783e10b78557c63f08b5fe7766a6dcb327d759d4fc91904ab

Request headers

:path: /cmlink/patrocinio-topo-7.22393
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /cmlink/patrocinio-topo-7.22393
last-modified: Sat, 03 Apr 2021 13:36:32 GMT
server: nginx/1.12.2
age: 50
x-cacheable: YES
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=240
accept-ranges: bytes
content-length: 303
expires: Thu, 19 Aug 2021 16:27:38 GMT

GET
H2 200 eleicao3-o-7.22099
www.correiodopovo.com.br/cmlink/ 7 KB
2 KB 69ms
57ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/eleicao3-o-7.22099
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: a6741e8ba51548a0fd200e7c947f6be3b10419e328e9c0703a7bdfd8d8838b6c

Request headers

:path: /cmlink/eleicao3-o-7.22099
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /cmlink/eleicao3-o-7.22099
last-modified: Fri, 13 Nov 2020 12:20:54 GMT
server: nginx/1.12.2
age: 49
x-cacheable: YES
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=240
accept-ranges: bytes
content-length: 1660
expires: Thu, 19 Aug 2021 16:27:38 GMT

GET
H2 200 grid-o-7.21805
www.correiodopovo.com.br/cmlink/ 53 KB
8 KB 69ms
57ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/grid-o-7.21805
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: ddfc1dc0f5a47438c14a7372d2677f61df2edf6aa63da230e9efd95f0b45c4df

Request headers

:path: /cmlink/grid-o-7.21805
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /cmlink/grid-o-7.21805
last-modified: Wed, 16 Jun 2021 12:00:19 GMT
server: nginx/1.12.2
age: 3
x-cacheable: YES
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=240
accept-ranges: bytes
content-length: 8095
expires: Thu, 19 Aug 2021 16:27:38 GMT

GET
H2 200 cssbellamais-7.21806
www.correiodopovo.com.br/cmlink/ 748 B
582 B 69ms
58ms Stylesheet
text/css 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/cssbellamais-7.21806
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 441e54b1dba4df6b3fc07406d82f1e6069bb799c4c42f7296bf1830717c1aae7

Request headers

:path: /cmlink/cssbellamais-7.21806
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /cmlink/cssbellamais-7.21806
last-modified: Wed, 30 Sep 2020 20:24:59 GMT
server: nginx/1.12.2
age: 30
x-cacheable: YES
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
v: 5
cache-control: max-age=240
accept-ranges: bytes
content-length: 285
expires: Thu, 19 Aug 2021 16:27:38 GMT

GET
H2 200 com.atex.gong.paywall.membership.js Show response
www.correiodopovo.com.br/js/ 7 KB
2 KB 74ms
62ms Script
application/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/js/com.atex.gong.paywall.membership.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8

Request headers

:path: /js/com.atex.gong.paywall.membership.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 86400.000 /js/com.atex.gong.paywall.membership.js
last-modified: Thu, 04 Oct 2018 03:33:34 GMT
server: nginx/1.12.2
age: 2
x-cache: HIT
content-type: application/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2011
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 ws-GTAYHGT2.js Show response
wfpscripts.webspectator.com/bootstrap/ 1 KB
934 B 380ms
110ms Script
application/x-javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fbd1edd661c3eeeae3650b9b6511e253dfe96ea8b4d016407025d439d40def1a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
last-modified: Tue, 03 Dec 2019 16:04:01 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"b0dccc480294ce8e2bfa6b534879b285"
x-cache-status: HIT
content-type: application/x-javascript
cache-control: max-age=31536000

GET
H2 200 denakop.js Show response
v3.denakop.com/ 53 KB
17 KB 67ms
23ms Script
application/javascript 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/denakop.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c8fe4cc1869a7c130a3179c1cc37e98e5e787822ce97538201c9d9ccfe12e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 578
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 17 Aug 2021 16:37:07 GMT
server: cloudflare
etag: W/"611be5b3-d2d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=3600
cf-ray: 6814ba434c51640d-FRA
cf-bgj: minify

GET
H2 200 barra.js Show response
barra.r7.com/ 26 KB
9 KB 137ms
22ms Script
application/x-javascript 2.21.140.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://barra.r7.com/barra.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.140.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-112.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5ba8490cc60fe0c0371c0acd84716072305214b84aa2959bd231c6cbc30c004d

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 17:02:28 GMT
server: AkamaiNetStorage
etag: "703e196e3c0da18c7b8365fb7bd025d7:1618419748.848626"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=539782
accept-ranges: bytes
content-length: 8872

GET
H2 200 Correio_do_Povo_branco.png
portal.correiodopovo.com.br/imagens/ 4 KB
4 KB 1121ms
501ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/Correio_do_Povo_branco.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2709dcd48925c938d98757dd3cbc7708d9f49eb46212174d7954a68ff66390e2

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
last-modified: Mon, 15 Jul 2019 19:56:33 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "e0743667473bd51:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3706

GET
H2 200 Correio_do_Povo.png
portal.correiodopovo.com.br/imagens/ 15 KB
15 KB 876ms
256ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/Correio_do_Povo.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f4a852bdf0dfa921e7144308a4c48b1aed1695389eb76bdd71d4a48799441052

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
last-modified: Mon, 15 Jul 2019 19:56:33 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "e99a3667473bd51:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 15396

GET
H2 200 linkedin.png
portal.correiodopovo.com.br/imagens/social/ 347 B
427 B 871ms
252ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/linkedin.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 29fc8c47a94d2164aa2cbedd171d0975dc9d2ba60921e36eb580467f0a68af13

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
last-modified: Fri, 28 Aug 2020 14:48:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "282b6474a7dd61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 347

GET
H2 200 instagram.png
portal.correiodopovo.com.br/imagens/social/ 676 B
757 B 871ms
251ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/instagram.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fe55f6306326e8e0ae4495684d8d742eeb3565d40bc0c9d95e0c6f557a65e64c

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
last-modified: Fri, 28 Aug 2020 14:48:33 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "a8a1ae4d4a7dd61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 676

GET
H2 200 facebook.png
portal.correiodopovo.com.br/imagens/social/ 295 B
376 B 817ms
257ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/facebook.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3e4cf41484e16a8e99ea65620ecac036df5d23dc0b60adfa7ced3f7793f26f72

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
last-modified: Fri, 28 Aug 2020 14:48:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "dfbde25b4a7dd61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 295

GET
H2 200 youtube.png
portal.correiodopovo.com.br/imagens/social/ 382 B
463 B 809ms
257ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/youtube.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8cba0effb5b2fe3741e8a4c0e81f3eec76b8d864e39d05b3c3182dcb427ce308

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
last-modified: Fri, 28 Aug 2020 14:49:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "e2d595674a7dd61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 382

GET
H2 200 twitter.png
portal.correiodopovo.com.br/imagens/social/ 484 B
648 B 743ms
251ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/social/twitter.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 401c305a433d8f0ec7bcad2bf9acd9637e04aa91fe02d5c6ee4ffefafc8fd206

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
last-modified: Fri, 28 Aug 2020 14:49:09 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "e73b13634a7dd61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 484

GET
H2 200 hiltor.png
www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/ 5 KB
5 KB 77ms
67ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.6&w=120&$p$f$q$w=3ce26f5
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 9c9ac6a6240e80e9c27305fbf104935e6276c8cad2ef9081377735cfea02ae47

Request headers

:path: /image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.6&w=120&$p$f$q$w=3ce26f5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 24267
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4874
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 pitlane.png
www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/ 4 KB
4 KB 78ms
68ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.6&w=120&$p$f$q$w=e0931c8
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 6c3baac1987f8ea44ed14204bedd2a588a8480e33a1162df639433fa32c3ec43

Request headers

:path: /image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.6&w=120&$p$f$q$w=e0931c8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 20789
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4136
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 bella_preto.png
portal.correiodopovo.com.br/imagens/ 40 KB
40 KB 499ms
495ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/bella_preto.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 406fc2ecaa46e7c318d304cadec8b18681d750884c0e1ea0e42f9fcd4f37932a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
last-modified: Mon, 28 Sep 2020 22:24:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0c02610e695d61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 40820

GET
H2 403 platform.js
apis.google.com/js/ 0
0 442ms
442ms Script
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/platform.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
38 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6057a04c33417c6bc7fa2621cc03ef1ef1292c446c78c648fea5a9467d6ab234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38793
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 16:08:13 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 16:23:38 GMT

GET
H2 200 all.min.js Show response
plugins.soclminer.com.br/v3/sdk/ 129 KB
34 KB 54ms
22ms Script
application/javascript 2606:4700:20::681a:d55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.soclminer.com.br/v3/sdk/all.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b1c7f8e22a158eaf4528dc6837ddf54344b27aac55c98ba4d843b7a6cba6970

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25451
x-amz-request-id: 60TRXWSBGQM310BK
x-amz-id-2: EJZu3UUbXA7h7NED8H8yX15+RQLh8+0s8gxHdK6dt2F9RQpXrY6YW3HFk9PXuNc37A2d/4Tj1+E=
last-modified: Tue, 27 Apr 2021 23:29:34 GMT
server: cloudflare
etag: W/"5add67ef8194e067ee0fd36a665defc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGoki9r1TgV3g%2Bvr2JcYHm0H4V1naez0AWgJV9Pn0qu53hUQtRPMTpIcLRr5McLBTNpq9KL8srdGPDk11kf5nZ2oFIz6TYTiA1e6jd%2FlvNd2Ig793Xbg4lk28HC%2FFVej2EXRsbx76w5npENWhOTAHQqQGrBBCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 6814ba43fd7e42db-FRA

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 12 KB
4 KB 43ms
24ms Script
application/javascript 2606:4700::6810:df3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:df3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8a417e36bac3467a4f50791cd7f1e46b03ee69bb6fd7378fd9b97c63554efea

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Aug 2021 18:52:35 GMT
server: cloudflare
age: 3091
etag: W/"611d56f3-3163"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6814ba43e9839784-FRA
content-type: application/javascript
expires: Thu, 19 Aug 2021 16:32:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25940
x-xss-protection: 0
pragma: public
x-fb-debug: 9bCKg4Zwtv4q5kipYbK+0kD/Qxq3KQm8cNbPE4VUwTEvVBcfui7nlDLMVDFVGeFiQDmIsEaBhvbpWYZdnyOFKA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 19 Aug 2021 16:23:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 image.jpeg
www.correiodopovo.com.br/image/policy:1.676363:1629389107/ 6 KB
6 KB 78ms
68ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.676363:1629389107/image.jpeg?a=2%3A1&q=0.6&w=360&$p$a$q$w=ef7ceb5
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 401b509a9c509586d865014d3c6a277852b45106550a11848075862f12e4235c

Request headers

:path: /image/policy:1.676363:1629389107/image.jpeg?a=2%3A1&q=0.6&w=360&$p$a$q$w=ef7ceb5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 6398
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 5970
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 image.jpg
www.correiodopovo.com.br/image/policy:1.676348:1629388925/ 6 KB
6 KB 78ms
69ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.676348:1629388925/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 8ceb7bdebcd881d87693f5522d274c89119f662177f949058a0311359448b391

Request headers

:path: /image/policy:1.676348:1629388925/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 6410
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 6038
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 image.jpg
www.correiodopovo.com.br/image/policy:1.676334:1629387754/ 13 KB
13 KB 79ms
69ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.676334:1629387754/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 24b676cee5c154b9a08d3d5221d70fb5da87179091716120a3e6912c9b371e27

Request headers

:path: /image/policy:1.676334:1629387754/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 11016
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 12876
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 image.png
www.correiodopovo.com.br/image/policy:1.676326:1629386842/ 9 KB
9 KB 79ms
70ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.676326:1629386842/image.png?a=2%3A1&q=0.6&w=360&$p$a$q$w=6c73477
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 66deed53c7e13936e02b28f0a33072565a66dc635500f6f3a2be7ab3078ba0d7

Request headers

:path: /image/policy:1.676326:1629386842/image.png?a=2%3A1&q=0.6&w=360&$p$a$q$w=6c73477
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 150284
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 9094
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 image.jpeg
www.correiodopovo.com.br/image/policy:1.676340:1629387642/ 19 KB
19 KB 79ms
70ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.676340:1629387642/image.jpeg?a=2%3A1&q=0.6&w=360&$p$a$q$w=ef7ceb5
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: ebf182908650af1120f7222545c2edbd6f9789fc34fd30e460202667b5e2b0b4

Request headers

:path: /image/policy:1.676340:1629387642/image.jpeg?a=2%3A1&q=0.6&w=360&$p$a$q$w=ef7ceb5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 14607
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 19290
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 image.jpg
www.correiodopovo.com.br/image/policy:1.676321:1629386302/ 20 KB
21 KB 82ms
73ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.676321:1629386302/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 2119fce391f91c542ea337e8e80219fd1a758782edae2588260b46bafc9cf1e2

Request headers

:path: /image/policy:1.676321:1629386302/image.jpg?a=2%3A1&q=0.6&w=360&$p$a$q$w=8a8d975
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 15992
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 20866
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 Correiodopovo_horizontal.png
portal.correiodopovo.com.br/imagens/ 34 KB
34 KB 750ms
745ms Image
image/png 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.correiodopovo.com.br/imagens/Correiodopovo_horizontal.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 607a6a5706bbca51e1eb64a7d83783362e92d1ffcd2e91116e778d2d7fe6424b

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
last-modified: Mon, 21 Sep 2020 16:18:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0b593d53290d61:0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 35024

GET
H2 200 bootstrap.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/js/ 31 KB
9 KB 48ms
35ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

:path: /polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/js/bootstrap.min.js
last-modified: Fri, 01 Mar 2019 17:19:18 GMT
server: nginx/1.12.2
age: 1
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8536
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 Imager.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.159.1615315419!/ 6 KB
2 KB 48ms
36ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.159.1615315419!/Imager.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: cb8645e0bd04e1ff25faa1c0e956ad2f12f35d752d55ba2ae97cee37d37e2836

Request headers

:path: /polopoly_fs/3.159.1615315419!/Imager.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.159.1615315419!/Imager.min.js
last-modified: Tue, 09 Mar 2021 18:43:39 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 jquery.cookie.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/ 1 KB
1 KB 48ms
36ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/jquery.cookie.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: cfcc22d197db65b2991542ddb35450493e299781d1491c95015d0f8537ccdf4f

Request headers

:path: /polopoly_fs/3.191.1615315451!/jquery.cookie.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.191.1615315451!/jquery.cookie.min.js
last-modified: Tue, 09 Mar 2021 18:44:12 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 users.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/ 810 B
685 B 49ms
37ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.191.1615315451!/users.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 2b87ad2e3dbfb1efc89a89bc0da9f724824d1612ae8db8bf7e47dd337fdc7151

Request headers

:path: /polopoly_fs/3.191.1615315451!/users.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.191.1615315451!/users.min.js
last-modified: Tue, 09 Mar 2021 18:44:12 GMT
server: nginx/1.12.2
age: 40
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 404
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 persona.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/ 441 B
561 B 49ms
36ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.194.1594145527!/persona.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 4f90beb9c5ce266d97c88013d263ba85320e90d5fc6f3ab016d42aafd330d70e

Request headers

:path: /polopoly_fs/3.194.1594145527!/persona.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.194.1594145527!/persona.min.js
last-modified: Tue, 07 Jul 2020 18:12:08 GMT
server: nginx/1.12.2
age: 1
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 280
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 poll.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/ 1 KB
836 B 49ms
36ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.302.1615315537!/poll.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: d97edfe6552e3143d0007b5e8103f3b39a3dd32898a97c20cb7337978feaf83f

Request headers

:path: /polopoly_fs/3.302.1615315537!/poll.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.302.1615315537!/poll.min.js
last-modified: Tue, 09 Mar 2021 18:45:37 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 autosize.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/ 2 KB
1 KB 50ms
37ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.259.1551461019!/autosize.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 78ac6beb4da15e1e9f06a07eeb39f8f7ea755cd4c3e5958fddb4aa14fc72e123

Request headers

:path: /polopoly_fs/3.259.1551461019!/autosize.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.259.1551461019!/autosize.min.js
last-modified: Fri, 01 Mar 2019 17:23:39 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 video.js Show response
www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/ 66 KB
20 KB 50ms
37ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.256.1551461012!/video.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: db4243fcb42af79e27f42ebeb09f99e3ef5b4e0ea12f99cbd10d29e28e6966fd

Request headers

:path: /polopoly_fs/3.256.1551461012!/video.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.256.1551461012!/video.js
last-modified: Fri, 01 Mar 2019 17:23:32 GMT
server: nginx/1.12.2
age: 1
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 20089
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 tags.carousel.js Show response
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 46 KB
11 KB 52ms
39ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/tags.carousel.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 5f86eaa44bebd90324fd49d796ef010ec39f6af364018066d4e2ace0bab956fe

Request headers

:path: /polopoly_fs/3.231.1615315500!/js/tags.carousel.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/js/tags.carousel.js
last-modified: Tue, 09 Mar 2021 18:45:02 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 tags.navigation.js Show response
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 11 KB
3 KB 52ms
40ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/tags.navigation.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 6bb3c7d3cd8b6ae6301a23cafa2167ed0fe548f5dc0826af8643c16844333c2e

Request headers

:path: /polopoly_fs/3.231.1615315500!/js/tags.navigation.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/js/tags.navigation.js
last-modified: Tue, 09 Mar 2021 18:45:02 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 owl.carousel.js Show response
www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/ 32 KB
7 KB 53ms
40ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.231.1615315500!/js/owl.carousel.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: c8be74ac4dc355f0a46acec8e7ab86091eca59c2eaac5d21a0b403bd6241291e

Request headers

:path: /polopoly_fs/3.231.1615315500!/js/owl.carousel.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.231.1615315500!/js/owl.carousel.js
last-modified: Tue, 09 Mar 2021 18:45:02 GMT
server: nginx/1.12.2
age: 40
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7137
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 social-auth.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/ 490 B
567 B 76ms
64ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.212.1615315469!/social-auth.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 1b084d429d350edc68e28a4b0f291b97bfcc1a8ae416b5c16cf8b0d11e1e59fd

Request headers

:path: /polopoly_fs/3.212.1615315469!/social-auth.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.212.1615315469!/social-auth.min.js
last-modified: Tue, 09 Mar 2021 18:44:30 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 fotorama.js Show response
www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/js/ 38 KB
16 KB 76ms
65ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.203.1615315462!/js/fotorama.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817

Request headers

:path: /polopoly_fs/3.203.1615315462!/js/fotorama.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.203.1615315462!/js/fotorama.js
last-modified: Tue, 09 Mar 2021 18:44:22 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 namespace.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 220 B
440 B 77ms
65ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/namespace.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: e9a50c3fbd67964dcbfc166909d19e96f25f32c40ad50d656899f2aa381973b0

Request headers

:path: /polopoly_fs/3.200.1615315459!/namespace.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.200.1615315459!/namespace.min.js
last-modified: Tue, 09 Mar 2021 18:44:20 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 SearchElement.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/ 549 B
582 B 77ms
66ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.200.1615315459!/SearchElement.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: be735dbbce112db814813ebefa31710c76e242cce684d3daf6a9598bcac039f7

Request headers

:path: /polopoly_fs/3.200.1615315459!/SearchElement.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.200.1615315459!/SearchElement.min.js
last-modified: Tue, 09 Mar 2021 18:44:20 GMT
server: nginx/1.12.2
age: 3
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 297
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 personalization.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/ 887 B
814 B 78ms
66ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.197.1615315455!/personalization.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: a752ad4a6219ea21dec555f682ff9e49ed22c8c4c4e2d992312b13c8cebcec31

Request headers

:path: /polopoly_fs/3.197.1615315455!/personalization.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.197.1615315455!/personalization.min.js
last-modified: Tue, 09 Mar 2021 18:44:15 GMT
server: nginx/1.12.2
age: 11
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 526
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 infiniteScroll.js Show response
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/ 2 KB
1 KB 78ms
67ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/infiniteScroll.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 59758d6213ae16ffc0498f7ec1747b84047dd0cc9ff2c1da7aeb66b47f9bda5c

Request headers

:path: /polopoly_fs/3.163.1615315420!/js/infiniteScroll.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/js/infiniteScroll.js
last-modified: Tue, 09 Mar 2021 18:43:42 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 funcoes.js Show response
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/ 8 KB
3 KB 78ms
67ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/js/funcoes.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: c740d8dd4494a96507134e544fb09e2d7e7812ded83f4978c7e5878188414647

Request headers

:path: /polopoly_fs/3.163.1615315420!/js/funcoes.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/js/funcoes.js
last-modified: Tue, 09 Mar 2021 18:43:42 GMT
server: nginx/1.12.2
age: 43
x-cache: HIT
content-type: text/javascript
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2358
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 plugin.min.js Show response
www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/ 192 B
412 B 78ms
67ms Script
text/javascript 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.153.1615315412!/plugin.min.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 98344eec8842ef328890a29cd19a5d3b308eb9db3906b47e8146e5231d4a2eb0

Request headers

:path: /polopoly_fs/3.153.1615315412!/plugin.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.153.1615315412!/plugin.min.js
last-modified: Tue, 09 Mar 2021 18:43:32 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: text/javascript
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H/1.1 200
OK init Show response
webservices.webspectator.com/ 3 KB
2 KB 490ms
113ms Script
application/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/init?appId=GTAYHGT2&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1629390218715
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 213ee57eea3434f4f28a4fe4a4f4442bd3987c4cb8cd5479a7d90f57cb7adebb

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:39 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 40ms
12ms Script
application/javascript 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:02:29 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1269
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: nNJ-Dw8LxVZjaHtfxUxHayRiozqB12bX4p5d_QYqvZFtHgc54Z1mLA==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 26ms
7ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/bootstrap/ws-GTAYHGT2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 26 Aug 2021 16:23:38 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/correiodopovo/ 390 KB
32 KB 71ms
20ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f803de147ac5f1ac8fad6bf9754a6eddc91edb22df0a2fd89a4e83f71925cca1

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: WDPklan_wTDVErtNYxcinQOwZdlQCqX.
content-encoding: gzip
etag: "207a137564abc6f4fa48ad48e30f78a6"
age: 17416
x-cache: HIT
content-length: 32720
x-amz-id-2: lG7+hwGhfOmErZwUJ5qk6sFfKb5qqb/MTzy60q76onMtSAhJXHItqinFU3gY3Fy/HXIrWJcuyU0=
x-served-by: cache-fra19137-FRA
last-modified: Thu, 19 Aug 2021 11:25:54 GMT
server: AmazonS3
x-timer: S1629390219.916784,VS0,VE1
date: Thu, 19 Aug 2021 16:23:38 GMT
vary: Accept-Encoding
x-amz-request-id: WNWBJA385R2EQNMR
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 98
x-cache-hits: 1

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/correiodopovo/ 54 KB
16 KB 64ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/correiodopovo/newsroom.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dace3c80f41ab245b0c1ed8ee192cfda1cc764a4a15e83c28bdbae529b1d1ee3

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "6d0a3d0a56a0d3318f9c30ce3d5680fb"
age: 136
x-cache: HIT
content-length: 16138
x-amz-id-2: ekcy0GRlyQ2ssiDo0MKJI8T3fAq3hdFfNEEkO0OTAzDtj11elovYi3WOZmKgnEryxFza0Ko0OGw=
x-served-by: cache-fra19168-FRA
last-modified: Fri, 04 Sep 2020 23:39:48 GMT
server: AmazonS3
x-timer: S1629390219.910699,VS0,VE1
date: Thu, 19 Aug 2021 16:23:38 GMT
vary: Accept-Encoding
x-amz-request-id: 5F9HQCHCA951G1D9
via: 1.1 varnish
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H3-29 200 css
fonts.googleapis.com/ 4 KB
643 B 21ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cccc3d4fe1b7cd4f3ed2c066b67bf08eb37dca00ef9888edc499a78d126b531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 14:36:09 GMT
server: ESF
date: Thu, 19 Aug 2021 16:23:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 16:23:38 GMT

GET
H/1.1 200
OK 58ee86211d42061afb000002 Show response
cms-media-api.r7.com/menu/ 32 KB
5 KB 111ms
22ms Fetch
application/json 2.21.140.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cms-media-api.r7.com/menu/58ee86211d42061afb000002
Requested by: Host: barra.r7.com
URL: https://barra.r7.com/barra.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.140.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe05f7666bdf9cabf870f456ecb963082a2b9915946215c49e92a780756938b5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:38 GMT
Content-Encoding: gzip
ETag
Vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: !no-store, must-revalidate, max-age=120
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5200

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:32:15 GMT
x-content-type-options: nosniff
age: 229883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19824
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:32:15 GMT

GET
H2 200 glyphicons-halflings-regular.woff
www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/fonts/ 23 KB
23 KB 52ms
51ms Font
application/x-font-woff 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 7f98ff9434849daca0cadf865d4639a48d85a7ad473a30961680c7f285a885eb

Request headers

:path: /polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
pragma: no-cache
origin: https://www.correiodopovo.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/polopoly_fs/3.146.1551460757!/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.146.1551460757!/fonts/glyphicons-halflings-regular.woff
last-modified: Fri, 01 Mar 2019 17:19:18 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: application/x-font-woff;charset=utf-8
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 ClanOT-Book.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ 95 KB
44 KB 56ms
55ms Font
application/octet-stream 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Book.otf
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: c9ef226218315b5804f91c7ae1b34352194e14f1dac157c814325d179dbcc25d

Request headers

:path: /polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Book.otf
pragma: no-cache
origin: https://www.correiodopovo.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-Book.otf
last-modified: Tue, 09 Mar 2021 18:43:43 GMT
server: nginx/1.12.2
age: 42
x-cache: HIT
content-type: application/octet-stream;charset=utf-8
v: 5
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 45109
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 ClanOT-News.otf
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ 95 KB
44 KB 50ms
47ms Font
application/octet-stream 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-News.otf
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 9a877726a7ea75d3ff46da702d8e1efbf615f7af09763ac702b2fe96f3e6f998

Request headers

:path: /polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-News.otf
pragma: no-cache
origin: https://www.correiodopovo.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontscorreio/css/fontscorreio.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontscorreio/css/fonts/ClanOT-News.otf
last-modified: Tue, 09 Mar 2021 18:43:43 GMT
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: application/octet-stream;charset=utf-8
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 hiltor.png
www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/ 22 KB
22 KB 31ms
29ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.9&w=360&$p$f$q$w=4b00dcf
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: ee02e8a1152b104e2b5eeba69154b873ad70a9422be49e4e4909ab016c9257df

Request headers

:path: /image/policy:1.490139:1601522967/image/hiltor.png?f=1x1&q=0.9&w=360&$p$f$q$w=4b00dcf
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 189676
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 22188
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 guilherme.png
www.correiodopovo.com.br/image/policy:1.490140:1601522968/image/ 15 KB
15 KB 36ms
36ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490140:1601522968/image/guilherme.png?f=1x1&q=0.9&w=360&$p$f$q$w=76b46ee
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: f7a939d43320bc1e8606404dfb97b3ac8cd6c32bb3f821d47112c36f343f3109

Request headers

:path: /image/policy:1.490140:1601522968/image/guilherme.png?f=1x1&q=0.9&w=360&$p$f$q$w=76b46ee
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 157332
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 15166
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 juremir.png
www.correiodopovo.com.br/image/policy:1.490137:1601522967/image/ 18 KB
18 KB 44ms
43ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490137:1601522967/image/juremir.png?f=1x1&q=0.9&w=360&$p$f$q$w=f0c0c40
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: e67c7005f97f0b57b13f0725ab31c7b0c27aff3753701b6e8fd7631e163e5209

Request headers

:path: /image/policy:1.490137:1601522967/image/juremir.png?f=1x1&q=0.9&w=360&$p$f$q$w=f0c0c40
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 176728
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 18528
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 taline.png
www.correiodopovo.com.br/image/policy:1.490134:1601522966/image/ 18 KB
18 KB 44ms
43ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490134:1601522966/image/taline.png?f=1x1&q=0.9&w=360&$p$f$q$w=4c53641
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 49582fd71fd13d10cd0d8071d8ddbf9abc5f5292e5f2bf83ff4028cd99dc16ea

Request headers

:path: /image/policy:1.490134:1601522966/image/taline.png?f=1x1&q=0.9&w=360&$p$f$q$w=4c53641
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 190658
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 18710
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 alexandre.png
www.correiodopovo.com.br/image/policy:1.488037:1601342579/ 17 KB
17 KB 33ms
32ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.488037:1601342579/alexandre.png?f=1x1&q=0.9&w=360&$p$f$q$w=885fff7
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: fa7f3e34aeffa172cebd8a89c53a94f3fb5804b9c6b2ddeccdfc14e95d163ffb

Request headers

:path: /image/policy:1.488037:1601342579/alexandre.png?f=1x1&q=0.9&w=360&$p$f$q$w=885fff7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 172753
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 17428
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 nando.png
www.correiodopovo.com.br/image/policy:1.490125:1601522850/image/ 16 KB
16 KB 34ms
33ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490125:1601522850/image/nando.png?f=1x1&q=0.9&w=360&$p$f$q$w=94728cc
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: ee2eb05a42f913e9d0b507359bf249acc024088eae85e30976cca0169a557cd2

Request headers

:path: /image/policy:1.490125:1601522850/image/nando.png?f=1x1&q=0.9&w=360&$p$f$q$w=94728cc
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 154908
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 16348
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 jurandir.png
www.correiodopovo.com.br/image/policy:1.490138:1601522967/image/ 21 KB
22 KB 31ms
30ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490138:1601522967/image/jurandir.png?f=1x1&q=0.9&w=360&$p$f$q$w=44f0cae
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 06312eaf6212c106b7eb9c622c7023c9a0991b83a098b666ca0ca40efc503a2b

Request headers

:path: /image/policy:1.490138:1601522967/image/jurandir.png?f=1x1&q=0.9&w=360&$p$f$q$w=44f0cae
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 169649
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 21864
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 bessi.png
www.correiodopovo.com.br/image/policy:1.490144:1601522969/image/ 18 KB
18 KB 34ms
34ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490144:1601522969/image/bessi.png?f=1x1&q=0.9&w=360&$p$f$q$w=0159d65
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: af1f381103707015c1efb1924b9104a024a2a78c7c9e8a94f374764d19e6529e

Request headers

:path: /image/policy:1.490144:1601522969/image/bessi.png?f=1x1&q=0.9&w=360&$p$f$q$w=0159d65
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 176614
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 18416
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 conill.png
www.correiodopovo.com.br/image/policy:1.490143:1601522968/image/ 15 KB
15 KB 36ms
29ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490143:1601522968/image/conill.png?f=1x1&q=0.9&w=360&$p$f$q$w=5265847
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: d3674fcd1c65192a32ebf67cc37b9aa3dbd5a83b1f67b590c7e2d08d30eae1d4

Request headers

:path: /image/policy:1.490143:1601522968/image/conill.png?f=1x1&q=0.9&w=360&$p$f$q$w=5265847
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 141166
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 15134
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 Prancheta%2048.png
www.correiodopovo.com.br/image/policy:1.490135:1601522966/image/ 17 KB
17 KB 37ms
30ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490135:1601522966/image/Prancheta%2048.png?f=1x1&q=0.9&w=360&$p$f$q$w=bce90c1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 13ccb9daf82a23a5a1c8b7fbcd074b720fa6bb5144ab2a95d17ab6fc83a2f913

Request headers

:path: /image/policy:1.490135:1601522966/image/Prancheta%2048.png?f=1x1&q=0.9&w=360&$p$f$q$w=bce90c1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 164232
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 17390
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 gonzaga.png
www.correiodopovo.com.br/image/policy:1.490141:1601522968/image/ 21 KB
21 KB 37ms
31ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490141:1601522968/image/gonzaga.png?f=1x1&q=0.9&w=360&$p$f$q$w=f2519d3
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: e1525da0eb146a3c688ebfdb6c6e70e0488f8e39fbc4c61a7fbd62c906dd0747

Request headers

:path: /image/policy:1.490141:1601522968/image/gonzaga.png?f=1x1&q=0.9&w=360&$p$f$q$w=f2519d3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
server: Azion IMS
x-original-image-size: 194247
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 21096
expires: Sat, 18 Sep 2021 16:23:38 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce2f8643f80018e1c4f5dae8adadbd552256fbab5e4409672cb2e060aada574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 01:11:26 GMT
x-content-type-options: nosniff
age: 227532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:29 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 01:11:26 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500;600;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:32:15 GMT
x-content-type-options: nosniff
age: 229883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19868
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:31 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:32:15 GMT

GET
H3-29 200 correiodopovo.com.br Show response
v3.denakop.com/ad-request/10102/desktop/ 656 B
808 B 359ms
349ms Script
application/javascript 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/ad-request/10102/desktop/correiodopovo.com.br

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c168116d541e7fa2645881bedeb73a1978d80fa3368d2a61d9ecff94f82b1221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: private, max-age=1800
access-control-allow-credentials: true
cf-ray: 6814ba444be24e61-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 profiles.js Show response
d.tailtarget.com/ Frame 957A 13 KB
6 KB 48ms
14ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/profiles.js
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 21:04:44 GMT
content-encoding: gzip
age: 69534
x-guploader-uploadid: ADPycdvhJpYO8RNJg21FFjCmGZjoDwEexZPi0kcLsYhCB-JIR24yyo-GD_kxwJgUq9KuyptoNBjo6EaeXiYWVPahgwE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5285
last-modified: Mon, 19 Apr 2021 15:43:34 GMT
server: UploadServer
etag: "603f25fd36318626ab410174bd3e1cd3"
x-goog-hash: crc32c=QOm0Sg==, md5=YD8l/TYxhiarQQF0vT4c0w==
content-language: en
x-goog-generation: 1618847014064238
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 5285
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 19 Aug 2021 21:04:44 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
94 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95569
x-xss-protection: 0
server: cafe
etag: 15041329415598805064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 16:23:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame FC24 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210812/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 18 Aug 2021 20:11:15 GMT
expires: Wed, 01 Sep 2021 20:11:15 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 72743
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 profiles.js Show response
barra.r7.com/tailtarget/ 13 KB
5 KB 25ms
24ms Script
application/x-javascript 2.21.140.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://barra.r7.com/tailtarget/profiles.js
Requested by: Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.140.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-112.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3325fba4bc0b8a61018adb2d0bb0fa89a1ab92e7fb8459bc16d39209b82ad7f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:38 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 17:02:29 GMT
server: AkamaiNetStorage
etag: "8004950a941b96d9c812191aaaa6ce00:1618419749.19302"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=77038
accept-ranges: bytes
content-length: 5253

GET
H3-29 200 pubads_impl_2021081601.js Show response
securepubads.g.doubleclick.net/gpt/ 328 KB
114 KB 64ms
35ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33151fb68c3480148b67a95e7a429b696e928453f13d1305a4cea2e7d79db03b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 08:47:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117130
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:39 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 149 B
134 B 58ms
30ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.correiodopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

cafe /

Resource Hash

2855423c286615531dc347a0dc42d7daea8352bbb430ea2c8edb31d60ece18bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:39 GMT

GET
H/1.1 200
OK prebid.js Show response
tagmanager.smartadserver.com/latest/ 631 KB
196 KB 35ms
32ms Script
application/javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tagmanager.smartadserver.com/latest/prebid.js
Requested by: Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/1320/71754/smart.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: e17670151cf0c7a725e3809cfa0fb04b2153958d2e51c3ccf0166e5154161052

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Aug 2021 10:08:34 GMT
Server: Apache/2.4.25 (Debian)
ETag: "9da80-5c8b8fc2e8c80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 200708

GET
H3-29 200 204496277643064 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 77ms
76ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/204496277643064?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7eb36bee94f616f1aa1c62170804d75b2d399186702c49741f8412b9aff4a7a2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: S5F9XyjKPusUZbcaGU2eATpVrKp8GjegpULV3o1ZhfmlJbQZ2REq+xBp9dWKFSKBVoqdU9J+vlrezyiTmUAH4g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 19 Aug 2021 16:23:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 06:13:50 GMT
x-content-type-options: nosniff
age: 36589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 06:13:50 GMT

GET
H2 200 rules-p-HGAVM7nQJ_sep.js Show response
rules.quantcount.com/ 3 B
430 B 60ms
12ms Script
application/javascript 2600:9000:2190:ae00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-HGAVM7nQJ_sep.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:ae00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 01:41:01 GMT
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
age: 52963
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:26:00 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: h7Jtdfhr3whVKW_BKfakq89AwVNcytk5qwywZdJwzfHkXkJHFtfiQQ==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=22153319&ns__t=1629390219072&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.c...
https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1629390219072&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo....

64 B
331 B

21ms
20ms

Image
image/gif

13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1629390219072&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: wQRG3DLHEcvdCpQMEwRBCetVfK8KR7998uiExpNKP_eoIJWHaU3xaQ==

Redirect headers

date: Thu, 19 Aug 2021 16:23:39 GMT
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=22153319&ns__t=1629390219072&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F
content-length: 242
x-amz-cf-id: Tmi-f-XxMlvpsFKn7600HVTQq4Gep9fXCUEgNooEYtMtQ9I-WZewNQ==

GET
H2 200 cinecp.png
www.correiodopovo.com.br/image/policy:1.490582:1601576034/image/ 4 KB
4 KB 38ms
31ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490582:1601576034/image/cinecp.png?f=1x1&q=0.9&w=360&$p$f$q$w=8ecc1e0
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 65b902c64261cb352f2ee7f0c06de82d636f5e2a026fac7894e8cc505ccc7624

Request headers

:path: /image/policy:1.490582:1601576034/image/cinecp.png?f=1x1&q=0.9&w=360&$p$f$q$w=8ecc1e0
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 28419
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4402
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 dialogosnovo.png
www.correiodopovo.com.br/image/policy:1.490809:1601591726/image/ 4 KB
4 KB 39ms
32ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490809:1601591726/image/dialogosnovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=e228cf0
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 466acd3ef2156a1e8d6d03e52cce266d34fc3bcc6935dfaacd538ec88c0b198d

Request headers

:path: /image/policy:1.490809:1601591726/image/dialogosnovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=e228cf0
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 11381
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 3930
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 seculonovo.png
www.correiodopovo.com.br/image/policy:1.490810:1601591727/image/ 8 KB
8 KB 39ms
33ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490810:1601591727/image/seculonovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=8c77f46
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: d4852e0c1e28302c1d482a7afe0c0cd2caf3207aa83bb34cdfa182dd2e6386ae

Request headers

:path: /image/policy:1.490810:1601591727/image/seculonovo.png?f=1x1&q=0.9&w=360&$p$f$q$w=8c77f46
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 49818
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 8110
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 planocarreira.png
www.correiodopovo.com.br/image/policy:1.490585:1601576035/image/ 4 KB
4 KB 39ms
34ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490585:1601576035/image/planocarreira.png?f=1x1&q=0.9&w=360&$p$f$q$w=fd4fad1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 600ff561432bee59a33c280363a5581abc236781c2f29d56d04a8588d9546359

Request headers

:path: /image/policy:1.490585:1601576035/image/planocarreira.png?f=1x1&q=0.9&w=360&$p$f$q$w=fd4fad1
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 27000
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 3708
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 cenarock.png
www.correiodopovo.com.br/image/policy:1.490576:1601576032/image/ 5 KB
5 KB 40ms
35ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490576:1601576032/image/cenarock.png?f=1x1&q=0.9&w=360&$p$f$q$w=121b5d6
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: f9a3c8c5712cba189115d7a63fbd487719a42ab0d628dc63b0cd506cf1914e97

Request headers

:path: /image/policy:1.490576:1601576032/image/cenarock.png?f=1x1&q=0.9&w=360&$p$f$q$w=121b5d6
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 42068
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4618
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 pitlane.png
www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/ 3 KB
4 KB 36ms
35ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.9&w=360&$p$f$q$w=b981aef
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 6cd2df3d9315f215316ec08d7fe62c380aa3617e04bf459924e12b5f2e263c7a

Request headers

:path: /image/policy:1.490575:1601576032/image/pitlane.png?f=1x1&q=0.9&w=360&$p$f$q$w=b981aef
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 24799
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 3556
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 carrosemotos.png
www.correiodopovo.com.br/image/policy:1.490586:1601576035/image/ 4 KB
4 KB 36ms
31ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490586:1601576035/image/carrosemotos.png?f=1x1&q=0.9&w=360&$p$f$q$w=b7bd3d6
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 508fba79123a7eca704546da35ebb132e46337686b8a5a67c4211e0a16e28e8e

Request headers

:path: /image/policy:1.490586:1601576035/image/carrosemotos.png?f=1x1&q=0.9&w=360&$p$f$q$w=b7bd3d6
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 26579
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4220
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 correiofeminino.png
www.correiodopovo.com.br/image/policy:1.490579:1601576033/image/ 5 KB
5 KB 35ms
32ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490579:1601576033/image/correiofeminino.png?f=1x1&q=0.9&w=360&$p$f$q$w=89a48d9
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 5e9053378edea86a34d5c4cbe3c55b92694ff648e79930224b842a730de76189

Request headers

:path: /image/policy:1.490579:1601576033/image/correiofeminino.png?f=1x1&q=0.9&w=360&$p$f$q$w=89a48d9
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 40227
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4758
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 fotocorreio.png
www.correiodopovo.com.br/image/policy:1.490574:1601576031/image/ 4 KB
4 KB 35ms
33ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490574:1601576031/image/fotocorreio.png?f=1x1&q=0.9&w=360&$p$f$q$w=2ca0c40
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 14cc03bc3cb62a25bc65bb84d6a79e30a8e18abfdd395ecc9000861ee45443dd

Request headers

:path: /image/policy:1.490574:1601576031/image/fotocorreio.png?f=1x1&q=0.9&w=360&$p$f$q$w=2ca0c40
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 41706
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4336
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 logo%20of-jor02.png
www.correiodopovo.com.br/image/policy:1.515193:1604606827/ 12 KB
12 KB 35ms
33ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.515193:1604606827/logo%20of-jor02.png?f=1x1&q=0.9&w=360&$p$f$q$w=995a2dd
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: e2d9bd9f5ffc43461e3a39c12001ed9c90664a090e83eb7985434dd93c283e21

Request headers

:path: /image/policy:1.515193:1604606827/logo%20of-jor02.png?f=1x1&q=0.9&w=360&$p$f$q$w=995a2dd
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 34768
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 12048
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 dialogos.png
www.correiodopovo.com.br/image/policy:1.490581:1601576033/image/ 3 KB
4 KB 35ms
33ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490581:1601576033/image/dialogos.png?f=1x1&q=0.9&w=360&$p$f$q$w=3cf7946
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 5b8e349fe54136e445a39b530704cf05270fb20a6c144ea0267bd8176eb3698b

Request headers

:path: /image/policy:1.490581:1601576033/image/dialogos.png?f=1x1&q=0.9&w=360&$p$f$q$w=3cf7946
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 8640
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 3468
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 campereada.png
www.correiodopovo.com.br/image/policy:1.490577:1601576032/image/ 4 KB
4 KB 36ms
35ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490577:1601576032/image/campereada.png?f=1x1&q=0.9&w=360&$p$f$q$w=e6f6f9b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 8248af8592a78954b8050a4f78d12e1680a57a0f2a8884bae9eec06116d3d8c5

Request headers

:path: /image/policy:1.490577:1601576032/image/campereada.png?f=1x1&q=0.9&w=360&$p$f$q$w=e6f6f9b
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 24813
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4240
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 bichoamigo.png
www.correiodopovo.com.br/image/policy:1.490578:1601576033/image/ 4 KB
4 KB 32ms
30ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490578:1601576033/image/bichoamigo.png?f=1x1&q=0.9&w=360&$p$f$q$w=19ed566
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 74c58dceae9cbe820cdf7d14bf41fd03a98f9e19cfc5a96327d0c13db2777390

Request headers

:path: /image/policy:1.490578:1601576033/image/bichoamigo.png?f=1x1&q=0.9&w=360&$p$f$q$w=19ed566
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 33055
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 4332
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 livrosamais.png
www.correiodopovo.com.br/image/policy:1.490584:1601576034/image/ 5 KB
6 KB 37ms
33ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.490584:1601576034/image/livrosamais.png?f=1x1&q=0.9&w=360&$p$f$q$w=57ef8e7
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 66623b0935ee7dfbc98fcace56472beb123f03c695a443c8793ae1d0f9c22b3b

Request headers

:path: /image/policy:1.490584:1601576034/image/livrosamais.png?f=1x1&q=0.9&w=360&$p$f$q$w=57ef8e7
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 40778
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 5496
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 /
vacina.saude.rs.gov.br/ Frame C812 5 MB
1 MB 1658ms
267ms Document
text/html 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0 ASP.NET
Resource Hash

Request headers

:method: GET
:authority: vacina.saude.rs.gov.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

content-type: text/html
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 23:25:01 GMT
accept-ranges: bytes
etag: "5381d8-5c9ddbe4f6d7e"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0 ASP.NET
date: Thu, 19 Aug 2021 16:23:40 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 33ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B73LS4GNNN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b07724951dffad5e8c866788dc3d5e851420746d2a48e7b3afa70c4f6affcf6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51497
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:39 GMT

GET
H2 200 329022_2819.js Show response
receiver.posclick.dinamize.com/forms/js/ 87 KB
24 KB 400ms
120ms Script
text/javascript 3.23.208.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://receiver.posclick.dinamize.com/forms/js/329022_2819.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.23.208.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-208-81.us-east-2.compute.amazonaws.com
Software: Dinamize-PcReceiver /
Resource Hash: 961cb61d6a9bbaa0ef6485fcd8bb7b8dc500ab65e287cb3e98fff3ff75e48454

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:23:39 GMT
server: Dinamize-PcReceiver
etag: 2021-05-19 14:53:24.074365618 -0300 -03 m=+1.147663895
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
content-length: 24502

GET
H2 200 load.js Show response
widget.perfectmarket.com/correiodopovo/ 4 KB
2 KB 243ms
190ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/correiodopovo/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 423ae58602522fab7a5f245fa6f8a214da4a76f0a8d8a6b1f809a5ef6dd75b86

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: OX_wFyoLLxdy6CvRXTBfoc.VwLgDWCuR
content-encoding: gzip
etag: "958ac9562841470c9f6dee2a6538099e"
age: 0
x-cache: HIT, MISS
content-length: 1253
x-amz-id-2: 24Z1iNquYceAUrvS9Ovst2RpVJYGjITPb+4WnHdi8gUM7DJS4jVbl7B+5mRnEsrPEiDX0g2sHWA=
x-served-by: cache-lax10647-LGB, cache-fra19182-FRA
last-modified: Thu, 09 Apr 2020 05:41:41 GMT
server: AmazonS3
x-timer: S1629390219.232298,VS0,VE169
date: Thu, 19 Aug 2021 16:23:39 GMT
vary: Accept-Encoding,,
x-amz-request-id: 04GXD33TTXYFJ55Q
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 0

GET
H2 200 impl.20210819-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 526 KB
117 KB 28ms
25ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 06192831a43dac617bb42d64a4e83c98ceb7c25203f434f2aaddc8c036f7d239

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9_9AcX.0YMPQHudc_PUTOI.07wiltrq7
content-encoding: br
etag: "20f63cfc409cb73baf22283412c5f792"
age: 19507
x-cache: HIT
content-length: 118993
x-amz-id-2: ej9DvoDGlvbXHdAf7RnML/lc6m9lgoQadx1UfpfcxbQCfjA5hVTzYz4grCdNl1laoMaGG1JIbro=
x-served-by: cache-fra19137-FRA
last-modified: Thu, 19 Aug 2021 10:58:27 GMT
server: AmazonS3-br
x-timer: S1629390219.189253,VS0,VE0
date: Thu, 19 Aug 2021 16:23:39 GMT
vary: Accept-Encoding
x-amz-request-id: FD1XNSDMTMS2W27D
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 85
x-cache-hits: 71024

GET
H2 200 val-kilmer.png
www.correiodopovo.com.br/image/policy:1.676326:1629386842/ 9 KB
9 KB 36ms
34ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.676326:1629386842/val-kilmer.png?a=1%3A1&q=0.9&w=250&$p$a$q$w=97e52fb&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: c4a6fc16c7b1c7c95759a3efa560fbdf9741e2aee4226677f37764367e1d10d5

Request headers

:path: /image/policy:1.676326:1629386842/val-kilmer.png?a=1%3A1&q=0.9&w=250&$p$a$q$w=97e52fb&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 9212
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 urna-eletronica-urna-eleicao-eleicoes-voto-10062020073528660.jpeg
www.correiodopovo.com.br/image/policy:1.505709:1622240031/ 6 KB
6 KB 37ms
35ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.505709:1622240031/urna-eletronica-urna-eleicao-eleicoes-voto-10062020073528660.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=7307fbd&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: dd84cf6d6434bad12ce1ef97db18c8a46fbe3e6f4067367cfe8fd46a1ad715b8

Request headers

:path: /image/policy:1.505709:1622240031/urna-eletronica-urna-eleicao-eleicoes-voto-10062020073528660.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=7307fbd&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 5878
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 WhatsApp%20Image%202021-08-11%20at%2013.25.17.jpeg
www.correiodopovo.com.br/image/policy:1.675682:1629303833/ 11 KB
12 KB 39ms
37ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.675682:1629303833/WhatsApp%20Image%202021-08-11%20at%2013.25.17.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=dcb3840&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 16d533871db83da5b157689e0a02d71cb3da2c9ee870c3c1d2fa1815e9f477ae

Request headers

:path: /image/policy:1.675682:1629303833/WhatsApp%20Image%202021-08-11%20at%2013.25.17.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=dcb3840&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 11628
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 wind-farm-1209335.jpg
www.correiodopovo.com.br/image/policy:1.584689:1615486900/ 16 KB
16 KB 40ms
38ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.584689:1615486900/wind-farm-1209335.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=745a0aa&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 8048551008ffd51823ff935cfe8b20691143984aa7bc3b7d2e720af92ee54a98

Request headers

:path: /image/policy:1.584689:1615486900/wind-farm-1209335.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=745a0aa&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 16146
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 NOITEDOSMUSEUS2019_PUBLICO190518J.jpg
www.correiodopovo.com.br/image/policy:1.532081:1607100841/ 14 KB
14 KB 34ms
33ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.532081:1607100841/NOITEDOSMUSEUS2019_PUBLICO190518J.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=81d69d8&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: a6b771e9d8e68cfa8ef0d0bc8e3cbe90ed3e4cb2767155953383360caae1b4ac

Request headers

:path: /image/policy:1.532081:1607100841/NOITEDOSMUSEUS2019_PUBLICO190518J.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=81d69d8&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 14188
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 CABINEDEVOTACAODOTREPOA.jpg
www.correiodopovo.com.br/image/policy:1.520273:1605302767/ 6 KB
7 KB 31ms
30ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.520273:1605302767/CABINEDEVOTACAODOTREPOA.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f70c9a3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: cfef45803dc66cb82642977c78b48f4f53b9d03a7bb0c0ed3c91f1f17fada608

Request headers

:path: /image/policy:1.520273:1605302767/CABINEDEVOTACAODOTREPOA.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f70c9a3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 6594
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 INCENDIONAAMAZONIA190825.jpg
www.correiodopovo.com.br/image/policy:1.456793:1595967208/ 23 KB
23 KB 33ms
32ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.456793:1595967208/INCENDIONAAMAZONIA190825.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=64205f1&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: d14a92927736ceba28302c4a9912a202758709026fa4b609183b224c254fce6a

Request headers

:path: /image/policy:1.456793:1595967208/INCENDIONAAMAZONIA190825.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=64205f1&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 23524
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 CONFLITONAALEMANHAEM1920.jpg
www.correiodopovo.com.br/image/policy:1.406675:1584663803/ 28 KB
29 KB 32ms
32ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.406675:1584663803/CONFLITONAALEMANHAEM1920.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f0a14f3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 75046723690e555b59fc656ce2b75707fb2e249e7d9446d007210cbec429007c

Request headers

:path: /image/policy:1.406675:1584663803/CONFLITONAALEMANHAEM1920.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f0a14f3&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 29062
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 gremiocoronaGT13.jpg
www.correiodopovo.com.br/image/policy:1.406650:1584655134/ 9 KB
9 KB 34ms
33ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.406650:1584655134/gremiocoronaGT13.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=4b0672b&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 814fbfc1804f477d3a12ef1a73ab55d287331f176ef7c96ea0049c4cfeb806f4

Request headers

:path: /image/policy:1.406650:1584655134/gremiocoronaGT13.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=4b0672b&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 9148
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg
www.correiodopovo.com.br/image/policy:1.401717:1582743154/ 14 KB
15 KB 35ms
35ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.401717:1582743154/WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=54b6129&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: ec2e1296380c1680aef32b3123b5d26e3a343b94e14fda81520920cecc93cee4

Request headers

:path: /image/policy:1.401717:1582743154/WhatsApp%20Image%202020-02-26%20at%2015.49.33.jpeg?a=1%3A1&q=0.9&w=250&$p$a$q$w=54b6129&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 14730
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 000_1P67ML.jpg
www.correiodopovo.com.br/image/policy:1.401058:1582333779/ 20 KB
20 KB 32ms
31ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.401058:1582333779/000_1P67ML.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=701184a&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 4c051a904ed3bc243e02450daa9e52e53f378348f4e3e997c8c94134b1553484

Request headers

:path: /image/policy:1.401058:1582333779/000_1P67ML.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=701184a&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 20584
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 CONCEICAOEVARISTO.jpg
www.correiodopovo.com.br/image/policy:1.397524:1580848385/ 14 KB
14 KB 31ms
30ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.397524:1580848385/CONCEICAOEVARISTO.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=6da6c81&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 42fc70955f09c40a96eb48b58d9f6e088a33b41ce5e925906b3c6eaae32e90c2

Request headers

:path: /image/policy:1.397524:1580848385/CONCEICAOEVARISTO.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=6da6c81&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 14550
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 the-dead-line-in-the-raod-1175899-1599x1024.jpg
www.correiodopovo.com.br/image/policy:1.392853:1578957861/ 2 KB
3 KB 34ms
32ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.392853:1578957861/the-dead-line-in-the-raod-1175899-1599x1024.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=678551e&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 46fd479ffb31457f997272daabf4e1791a0f0814c2127888ef6ecd526d37d00b

Request headers

:path: /image/policy:1.392853:1578957861/the-dead-line-in-the-raod-1175899-1599x1024.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=678551e&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 2438
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 IAR%202019-79.jpg
www.correiodopovo.com.br/image/policy:1.377823:1572903045/ 16 KB
16 KB 34ms
34ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.377823:1572903045/IAR%202019-79.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f20df16&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 18c87d635507565f16cae963e310d041099274a6788a409f49ca7dcb1fd5d0bb

Request headers

:path: /image/policy:1.377823:1572903045/IAR%202019-79.jpg?a=1%3A1&q=0.9&w=250&$p$a$q$w=f20df16&ims=filters:watermark%28https://portal.correiodopovo.com.br/imagens/graphics/podcast.png,190,10,0%29
pragma: no-cache
cookie: _dlt=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
server: Azion IMS
x-original-image-size: 2027
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 16342
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 profile Show response
d.t.tailtarget.com/ Frame 957A 92 B
268 B 188ms
115ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.t.tailtarget.com/profile
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
via: 1.1 google
cache-control: max-age=3600
alt-svc: clear
expires: Thu, 19 Aug 2021 17:23:39 GMT

GET
H2 200 get-action Show response
nr-events.taboola.com/newsroom/1.0/correiodopovo/ 132 B
372 B 100ms
31ms Script
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nr-events.taboola.com/newsroom/1.0/correiodopovo/get-action?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=517151357289354419&page.template=home&page.dashboard=home
Requested by: Host: c2.taboola.com
URL: https://c2.taboola.com/nr/correiodopovo/newsroom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: be103ba35429b6eefc9e481cbffd36618d7f6c0fd0f262bf9f627c9d78ad1b96

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.45.95.36:8080
date: Thu, 19 Aug 2021 16:23:39 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629390219.356269,VS0,VE9
x-served-by: cache-hhn4068-HHN
x-cache: MISS
content-type: application/json;charset=UTF-8
accept-ranges: bytes
content-length: 132
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 210 B
262 B 42ms
42ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.correiodopovo.com.br&callback=_gfp_s_&client=ca-pub-3488053582622085

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3488053582622085&plah=www.correiodopovo.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a1a05c1162caa6cae48bf8cbe4e6c9c6c2cbd9a9cb0904d8f8b554e82870a502

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AB0 0
19 B 75ms
69ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1629390219&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A128%2C2%3A128%2C8%3A134217856%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629390218947&bpp=3&bdt=633&idt=273&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7707767072434&frm=20&pv=2&ga_vid=560172395.1629390219&ga_sid=1629390219&ga_hid=89583392&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=3&pvsid=2042573796895344&ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=305

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3488053582622085&output=html&adk=1812271804&adf=3025194257&lmt=1629390219&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A128%2C2%3A128%2C8%3A134217856%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629390218947&bpp=3&bdt=633&idt=273&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7707767072434&frm=20&pv=2&ga_vid=560172395.1629390219&ga_sid=1629390219&ga_hid=89583392&ga_fc=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062297&oid=3&pvsid=2042573796895344&ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=305
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 19 Aug 2021 16:23:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Aug-2021 16:38:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Aug 2021 16:23:39 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286089745720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27752
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:39 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 11ms
10ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210819

Requested by

Host: tagmanager.smartadserver.com
URL: https://tagmanager.smartadserver.com/latest/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8c044d70ab6ffb1b29c0c798a827d4220981eae1e8cb7339494bafc2aa48cc7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 4247
x-jsd-version: 1.0.1074
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 938
etag: W/"69a-nBpt6K70E48JXlB1qGi8uHZJdnc"
x-served-by: cache-fra19169-FRA
x-jsd-version-type: version
date: Thu, 19 Aug 2021 16:23:39 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 204 notify-impression
nr-events.taboola.com/newsroom/1.0/correiodopovo/ 0
50 B 30ms
30ms Image
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr-events.taboola.com/newsroom/1.0/correiodopovo/notify-impression?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=517151357289354419&page.template=home&page.dashboard=home
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.45.95.36:8080
date: Thu, 19 Aug 2021 16:23:39 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629390219.366163,VS0,VE8
x-served-by: cache-hhn4068-HHN
x-cache: MISS
accept-ranges: bytes
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=204496277643064&ev=PageView&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&rl=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&if=false&ts=1629390219378&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.2.1629390219377.1856445980&it=1629390219034&coo=false&rqm=GET

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 19 Aug 2021 16:23:39 GMT

GET
H2 200 pixel;r=1505122137;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F;ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F;uht=2;fpan=1;fpa=P0-1949772677-1629390219384;p...
pixel.quantserve.com/ 35 B
371 B 23ms
21ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1505122137;rf=0;a=p-HGAVM7nQJ_sep;url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F;ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F;uht=2;fpan=1;fpa=P0-1949772677-1629390219384;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;d=correiodopovo.com.br;je=0;sr=1600x1200x24;dst=1;et=1629390219384;tzo=-120;ogl=title.Correio%20do%20Povo%2Csite_name.Correio%20do%20Povo%2Curl.https%3A%2F%2Fwww%252Ecorreiodopovo%252Ecom%252Ebr%2F%2Cdescription.%2Ctype.website

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:39 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 45ms
36ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c0d08933537eec00050d60f0955e4088385a35bcb115e7d9d8fe9016cb17b2c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tbD3EKx59FNk4XdVxtssMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "30d1d2919676634bf2aebe648f84c2ce"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-tbD3EKx59FNk4XdVxtssMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 19 Aug 2021 16:23:39 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-B73LS4GNNN&gtm=2oe8i0&_p=89583392&sr=1600x1200&ul=en-us&cid=560172395.1629390219&_s=1&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dr=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&dt=Correio%20do%20Povo&sid=1629390219&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B73LS4GNNN&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 prebid.js Show response
v3.denakop.com/ 192 KB
59 KB 22ms
22ms Script
application/javascript 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/prebid.js

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ee946834c430305a1de1bbd6694248cb0aae72fd3718b84413bd7d4c2228fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3437
cf-polished: origSize=196277
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Mon, 16 Aug 2021 15:23:59 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"611a830f-2feb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 6814ba480c874e61-FRA
cf-bgj: minify

GET
H/1.1 200
OK initcb Show response
webservices.webspectator.com/ 5 KB
1 KB 112ms
112ms Script
application/javascript 34.207.18.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webservices.webspectator.com/initcb?appId=2782&vId=EB92B5352E62E416&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&sr=direct&ts=1629390219526&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&npv=1&ltsss=0&ltsvs=0
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/init?appId=GTAYHGT2&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F&t=1629390218715
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.207.18.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-18-4.compute-1.amazonaws.com
Software: WildFly/10 / Undertow/1
Resource Hash: 87f88de0ead79a329ce4bd41f52393a4c4c141f47abf2d51a89d99682e8ee7ac

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:39 GMT
Content-Encoding: gzip
Server: WildFly/10
X-Powered-By: Undertow/1
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
X-NoCache: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ 243 KB
83 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ec65ff2638a1c8071f31da65fa15f402c05d7d9d1d7e2dcd5ef5f22a852db8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84864
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 12:56:42 GMT

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/correiodopovo/ 111 KB
30 KB 21ms
20ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/correiodopovo/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/correiodopovo/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a233fdc512c16069e544a929f5289021f796b2e9c439fd8fd867ab01c9ae6eb

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kqTxPFH_D9zExzTB0PjSGPERIWhbAJJ0
content-encoding: gzip
etag: "722c612becdf55d8463d1c4ea96bd7ea"
age: 1304351
x-cache: HIT, HIT
content-length: 30933
x-amz-id-2: FqFXK/TvVFp5tXg8f7LLWItQnxLyLTtVT4Rgg7U+eGrcwUfThoMbGb3bAgIUa2fnmS06ecqHOqQ=
x-served-by: cache-sna10722-LGB, cache-fra19182-FRA
last-modified: Thu, 09 Apr 2020 05:41:41 GMT
server: AmazonS3
x-timer: S1629390220.587907,VS0,VE1
date: Thu, 19 Aug 2021 16:23:39 GMT
vary: Accept-Encoding,,
x-amz-request-id: 5EBV85P5SFEQH8SP
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 32ms
24ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99494ec07ed0d6d6f582e8d2cf976b42baf81ad145df60fd9b038e2f4a1076bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Thu, 19 Aug 2021 16:23:39 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
710 B 62ms
22ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:39 GMT
X-Proxy-Origin: 185.156.175.109; 185.156.175.109; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0875fe1f-a15d-4bbb-a119-894f03e487c9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
834 B 155ms
114ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9cb50d0018&cmd=bid&secure=1
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 1d1c80194706c12a3a7300bd2ef4b93a6d74e77c00cc5d162761e24545cefd6b

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 19 Aug 2021 16:23:39 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
834 B 220ms
179ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9cb50d0018&cmd=bid&secure=1
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 2d25ac294cc77b694aad9cb054dcc7a38cb19fd6102c45cad406e854c98db82a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 19 Aug 2021 16:23:39 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
834 B 134ms
88ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96983d017575db4b3edb9ac0dc0015&pos=8a96983d017575db4b3edb9d8d750019&cmd=bid&secure=1
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.138 /
Resource Hash: 648d0866370c08bbc1d7fb15a282f9118750bf82fc40d1ec8f75932cf67fdc9a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 19 Aug 2021 16:23:39 GMT
Server: ATS/7.1.2.138
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
710 B 66ms
26ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:39 GMT
X-Proxy-Origin: 185.156.175.109; 185.156.175.109; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 31569d36-44a3-44dd-9132-5ed79ba4e937
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
186 B 355ms
120ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Thu, 19 Aug 2021 16:23:39 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 2ACA 566 B
878 B 46ms
25ms Document
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c239661ce64dbf6e5f6cca895b3478750f2aa9f04eb72671584a66ce05871476

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WL2lsIcWcOf33Ts2+azrgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=221=B3c6DARwDxs3UqqrqXQkJ4wmtEVxOLl3gRvW8hp-hgk3t58Mf7baeLbS3ir2f39RCVRIVqEOph26bWRxTWeIRRbYDXAJSwTBamytsOsNQugXxLtj9WqN3Zre4_WltxPk-geVLGMTXghEmJh2e3Zd_4m4-yHDHpnMrhDAtwFdPDM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Aug 2021 16:23:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-WL2lsIcWcOf33Ts2+azrgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 capajornal.aspx Show response
portal.correiodopovo.com.br/includes/input/ Frame 3061 224 B
369 B 370ms
368ms Document
text/html 189.16.116.12
CLARO S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 189.16.116.12 São Paulo, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3f7aa02b4a0296651c507240309115ea35f5965193e2c3dee665f000158533a5

Request headers

:method: GET
:authority: portal.correiodopovo.com.br
:scheme: https
:path: /includes/input/capajornal.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _dlt=1; _fbp=fb.2.1629390219377.1856445980; _ga_B73LS4GNNN=GS1.1.1629390219.1.0.1629390219.0; _ga=GA1.1.560172395.1629390219; __qca=P0-1949772677-1629390219384; ___ws_ses=EB92B5352E62E416.1; ___ws-sr=https://www.correiodopovo.com.br.admin-mcas.ms/; ___ws_vis=EB92B5352E62E416.1629390219282; ___ws_ses_sec=4863:1629390219282; ___ws_vis_sec=4863:1629390219282; __gads=ID=b4692f526e8d1bdb-22613015afc900d7:T=1629390219:RT=1629390219:S=ALNI_Mbmtvk9Rv_UP8NZd3kFF0Pz6bR0WQ; trc_cookie_storage=|taboola global:user-id=ab66072a-850a-4648-972c-02b580b33d65-tuct8180b0b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

cache-control: public, max-age=770
content-type: text/html; charset=utf-8
expires: Thu, 19 Aug 2021 16:36:30 GMT
last-modified: Thu, 19 Aug 2021 16:06:30 GMT
vary: *
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Thu, 19 Aug 2021 16:23:38 GMT
content-length: 224

GET
H2 200 index.php Show response
stg.truvidplayer.com/ 977 B
755 B 163ms
110ms Script
text/html 13.225.78.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/index.php?sub_user_id=870&widget_id=3680&playlist_id=2617&m=a&cb=2377075764330201
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-63.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: f4ed69f855b0e6e08ddec9667049770a8dd53d952e25320db01e760f1dbc4906

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
via: 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-amz-cf-id: atPcDx9LyrlMjJA6QuTJNic7E3TLhh0xPHIsXMsePT5DwPiYBJuFIg==

GET
H/1.1 200 1 Show response
paywall.correiodopovo.com.br/wid/script/ 376 B
546 B 464ms
150ms Script
text/plain 54.82.20.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://paywall.correiodopovo.com.br/wid/script/1?tags=&loc=https://www.correiodopovo.com.br/?&is_visitor=true&is_freemium=true&is_customer=true
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.20.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-20-194.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 42ed8aca96bf1e9bb25a813a1176242c2f722734bf4d5048846278b95ae2ae2c

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:40 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Content-Length: 376
Content-Type: text/plain;charset=UTF-8

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/28f65009/www-widgetapi.vflset/ 125 KB
42 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/28f65009/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6648b04e414e1e9fe5291e31e47fae11425d5180dd7c1da6743e5cf840f3e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42716
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 21:43:17 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 16:01:16 GMT

GET
H2 200 ortc-heartbeat1sec-min.js Show response
wfpscripts.webspectator.com/ 76 KB
19 KB 111ms
110ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=EB92B5352E62E416&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&sr=direct&ts=1629390219526&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 80a6c8fd3fd83054bdd51a596217f806cec456cd5b176ec5e44a407201a82d2a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
last-modified: Wed, 30 Nov 2016 17:07:44 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "ae07ae40393a03d603b6341bf9f7f923"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 19153
x-amz-meta-s3b-last-modified: 20161130T162538Z

GET
H2 200 swfobject.js Show response
ajax.googleapis.com/ajax/libs/swfobject/2.2/ 10 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/swfobject/2.2/swfobject.js

Requested by

Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=EB92B5352E62E416&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&sr=direct&ts=1629390219526&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&npv=1&ltsss=0&ltsvs=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 10:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3974
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 10:11:41 GMT

GET
H2 200 blockadblock.js Show response
wfpscripts.webspectator.com/adblocker/ 8 KB
3 KB 221ms
220ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=EB92B5352E62E416&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&sr=direct&ts=1629390219526&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7ed1947cb1ec4f11c68e3b281741c4214839a262843c339c1f1e3bc357434183

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
last-modified: Tue, 11 Oct 2016 13:22:22 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "0dcdd7a190caf42e7d287645d9ba0303"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 2696

GET
H2 200 ws-4.4.62.js Show response
wfpscripts.webspectator.com/ 81 KB
23 KB 221ms
221ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Requested by: Host: webservices.webspectator.com
URL: https://webservices.webspectator.com/initcb?appId=2782&vId=EB92B5352E62E416&dads=0&lts=0&nv=1&s=4863&res=1600x1200&c=1&l=en&r=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&sr=direct&ts=1629390219526&rs=0&h=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&npv=1&ltsss=0&ltsvs=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2e8fac6fa9527aaae83a3fc6200472418e1aa0cf42d9ed4422683e8e0192a861

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
last-modified: Wed, 06 Mar 2019 17:07:49 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "4e7c8880fbc1b585c27bd698eb84469f"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=2592000
content-length: 23796

GET
H3-29 200 client:platform.js Show response
apis.google.com/js/ 54 KB
21 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client:platform.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a645dd7cc6048dfe3308485e45686f5d800cabcace34d4dbd921f3648803fe10

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aNiiP0/MXo9D8e4GPkHLIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "4b6f9246876bb547b13efdc40c9319c3"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-aNiiP0/MXo9D8e4GPkHLIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 19 Aug 2021 16:23:39 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3cf1aa76490e5f0f9da15c077931ef2d05f73dba54ecc28312d345c82a402d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BLGI65MMEqoyzNH3SGctgw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: Y0u0sZ6xpATLOGfoPMpj+VUjz4ZybV8S+ArK3/5rdS5nu2jZAiQlZmjnoopRJXUF+VMUs16umIHg5nYWssD9ow==
x-fb-content-md5: 47b15e3c876c78f62437c2d8e1e09f36
x-frame-options: DENY
date: Thu, 19 Aug 2021 16:23:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f959d4c85b3220c9ac0531f15295a1f8"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 Aug 2021 16:42:48 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 26ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/67BC)
Age: 1154
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
DATA 200
OK truncated
/ 51 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b715761e92524c9442ef612af378e2fdf19167f92492568f4961260e9f377a0a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 p.gif
www.correiodopovo.com.br/logger/ 43 B
242 B 31ms
31ms Image
image/gif 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/logger/p.gif?d=/2.200&referrer=https://www.correiodopovo.com.br.admin-mcas.ms/
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

:path: /logger/p.gif?d=/2.200&referrer=https://www.correiodopovo.com.br.admin-mcas.ms/
pragma: no-cache
cookie: _dlt=1; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.2.1629390219377.1856445980; _ga_B73LS4GNNN=GS1.1.1629390219.1.0.1629390219.0; _ga=GA1.1.560172395.1629390219; __qca=P0-1949772677-1629390219384; ___ws_ses=EB92B5352E62E416.1; ___ws-sr=https://www.correiodopovo.com.br.admin-mcas.ms/; ___ws_vis=EB92B5352E62E416.1629390219282; ___ws_ses_sec=4863:1629390219282; ___ws_vis_sec=4863:1629390219282; __gads=ID=b4692f526e8d1bdb-22613015afc900d7:T=1629390219:RT=1629390219:S=ALNI_Mbmtvk9Rv_UP8NZd3kFF0Pz6bR0WQ; trc_cookie_storage=|taboola global:user-id=ab66072a-850a-4648-972c-02b580b33d65-tuct8180b0b; denakop_freq={}; _tb_sess_r=https%3A//www.correiodopovo.com.br.admin-mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
x-cacheable: NO:Not-Cacheable
server: nginx/1.12.2
age: 0
x-cache: MISS
content-type: image/gif
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 json Show response
trc.taboola.com/correiodopovo/trc/3/ 15 KB
6 KB 562ms
560ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/correiodopovo/trc/3/json?tim=18%3A23%3A39.822&lti=deflated&data=%7B%22id%22%3A436%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1629372343648%2C%22vi%22%3A1629390219820%2C%22cv%22%3A%2220210819-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22e%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11076%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22cd%22%3A2652.96875%2C%22mw%22%3A1140%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-d%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%201x1%20Home%20Page%22%2C%22orig_uip%22%3A%22Right%20Rail%201x1%20Home%20Page%22%2C%22cd%22%3A7246.953125%2C%22mw%22%3A336%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5fb860099e5d73d012639910b86d86fba983e89222c5311d0f8198689c178248

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 318
date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: gzip
server: nginx
x-timer: S1629390220.056083,VS0,VE318
x-served-by: cache-fra19168-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 73 KB
21 KB 29ms
13ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 881fcec8881cd3998d304548f7775f2373890eec5b2c6cb421219e7424dd2d51

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:44:31 GMT
content-encoding: gzip
age: 5948
x-guploader-uploadid: ADPycdsRK9Qm58stqMNgEwWgPRd0bT3GoSZ_GB0wfVn8DD5zsgRQQDTX0s86U27f2TKx6SUlCGjghip8gt-ka7bJMg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 21157
last-modified: Mon, 02 Aug 2021 18:25:02 GMT
server: nginx/1.8.1
etag: "97781ebda8e0203ef2ac0ee865a38d55"
vary: Accept-Encoding
x-goog-hash: md5=l3gevajgID7yrA7oZaONVQ==
x-goog-generation: 1627928702169012
via: 1.1 google
cache-control: max-age=7200,public
x-goog-stored-content-length: 21157
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 19 Aug 2021 16:44:31 GMT

GET
H2 200 fontawesome-webfont.woff
www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/fonts/ 82 KB
82 KB 33ms
33ms Font
application/x-font-woff 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: 7a1d9a7fdb9f6de569ac49bbaafa22ad4dbd395d58bd166ea1b3689113de7f0b

Request headers

sec-fetch-mode: cors
origin: https://www.correiodopovo.com.br
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _dlt=1; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.2.1629390219377.1856445980; _ga_B73LS4GNNN=GS1.1.1629390219.1.0.1629390219.0; _ga=GA1.1.560172395.1629390219; __qca=P0-1949772677-1629390219384; ___ws_ses=EB92B5352E62E416.1; ___ws-sr=https://www.correiodopovo.com.br.admin-mcas.ms/; ___ws_vis=EB92B5352E62E416.1629390219282; ___ws_ses_sec=4863:1629390219282; ___ws_vis_sec=4863:1629390219282; __gads=ID=b4692f526e8d1bdb-22613015afc900d7:T=1629390219:RT=1629390219:S=ALNI_Mbmtvk9Rv_UP8NZd3kFF0Pz6bR0WQ; trc_cookie_storage=|taboola global:user-id=ab66072a-850a-4648-972c-02b580b33d65-tuct8180b0b; denakop_freq={}; _tb_sess_r=https%3A//www.correiodopovo.com.br.admin-mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F
:path: /polopoly_fs/3.163.1615315420!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/polopoly_fs/3.163.1615315420!/fontawesome/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
x-cache-rule: YES with ttl: 600.000 /polopoly_fs/3.163.1615315420!/fontawesome/fonts/fontawesome-webfont.woff?v=4.1.0
last-modified: Tue, 09 Mar 2021 18:43:42 GMT
server: nginx/1.12.2
age: 43
x-cache: HIT
content-type: application/x-font-woff;charset=utf-8
v: 5
cache-control: max-age=2592000
expires: Sat, 18 Sep 2021 16:23:39 GMT

GET
H2 200 temperaturatopo Show response
www.correiodopovo.com.br/cmlink/ 240 B
424 B 30ms
30ms XHR
text/html 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.correiodopovo.com.br/cmlink/temperaturatopo
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/polopoly_fs/3.143.1551460756!/jquery-1.11.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: nginx/1.12.2 /
Resource Hash: ae0045ce4597701b918384c17402ad14e391fa44e44ea8f800d159d6aff62f96

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _dlt=1; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.2.1629390219377.1856445980; _ga_B73LS4GNNN=GS1.1.1629390219.1.0.1629390219.0; _ga=GA1.1.560172395.1629390219; __qca=P0-1949772677-1629390219384; ___ws_ses=EB92B5352E62E416.1; ___ws-sr=https://www.correiodopovo.com.br.admin-mcas.ms/; ___ws_vis=EB92B5352E62E416.1629390219282; ___ws_ses_sec=4863:1629390219282; ___ws_vis_sec=4863:1629390219282; __gads=ID=b4692f526e8d1bdb-22613015afc900d7:T=1629390219:RT=1629390219:S=ALNI_Mbmtvk9Rv_UP8NZd3kFF0Pz6bR0WQ; trc_cookie_storage=|taboola global:user-id=ab66072a-850a-4648-972c-02b580b33d65-tuct8180b0b; denakop_freq={}; _tb_sess_r=https%3A//www.correiodopovo.com.br.admin-mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F
:path: /cmlink/temperaturatopo
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html, */*; q=0.01
cache-control: no-cache
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/html, */*; q=0.01
Referer: https://www.correiodopovo.com.br/?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
content-encoding: gzip
x-cache-rule: YES with ttl: 60.000 /cmlink/temperaturatopo
x-cacheable: YES
server: nginx/1.12.2
age: 57
vary: Accept-Encoding
x-cache: HIT
content-type: text/html;charset=utf-8
v: 5
cache-control: max-age=300
accept-ranges: bytes
content-length: 163
expires: Thu, 19 Aug 2021 16:28:39 GMT

GET
H3-29 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ 763 B
526 B 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_1?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef6ca62a0cf7fb5e982b323f7511a247212ade4c31db1b158b730d1213f9b2c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 13:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 502
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 13:20:54 GMT

GET
H3-29 200 subscribe_embed Show response
www.youtube.com/ Frame 320F 2 KB
866 B 33ms
33ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b5d8b2d8b744b9882f0e66bdd25f0ef8f09dc9b705e400fd3a1f572d42f698b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=Yf7fW70y3QM; VISITOR_INFO1_LIVE=FMRjJJwZPPw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Aug 2021 16:23:39 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Fri, 23-Nov-2018 16:23:39 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+828; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 b
sb.scorecardresearch.com/ 0
339 B 20ms
20ms Image
text/plain 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1629390219952&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: dZFfcCKYAxhu8YBoJ1K5I5YGP9rfyVCeGh_uP2AjqGk8AXL-zHCLtg==
x-cache: Miss from cloudfront

GET
H2 204 b
sb.scorecardresearch.com/ 0
337 B 28ms
27ms Image
text/plain 13.224.96.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14194541&ns__t=1629390219953&ns_c=UTF-8&cv=3.5&c8=Correio%20do%20Povo&c7=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&c9=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-37.zrh50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:39 GMT
via: 1.1 e96895e7fdc48b58a3d95d2e8e23a8b0.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 0JXUieAyRbifcQjWclEqpKlr28stYjj2CkftChlq7U2P4LR-9Z8mig==
x-cache: Miss from cloudfront

POST
H3-29 200 /
www.facebook.com/tr/ 0
18 B 14ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryWld7PAa5F3gSnFpB

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 19 Aug 2021 16:23:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.676309:1629385587/ 99 KB
99 KB 32ms
31ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.676309:1629385587/.jpg?f=3x2&$p$f=3d7bc82&w=1200&$w=9c05b01
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: b5fcb8853f8724e081fa25b354a1f3e5b790235f093a9ce00da197b7f6b434dc

Request headers

:path: /image/policy:1.676309:1629385587/.jpg?f=3x2&$p$f=3d7bc82&w=1200&$w=9c05b01
pragma: no-cache
cookie: _dlt=1; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.2.1629390219377.1856445980; _ga_B73LS4GNNN=GS1.1.1629390219.1.0.1629390219.0; _ga=GA1.1.560172395.1629390219; __qca=P0-1949772677-1629390219384; ___ws_ses=EB92B5352E62E416.1; ___ws-sr=https://www.correiodopovo.com.br.admin-mcas.ms/; ___ws_vis=EB92B5352E62E416.1629390219282; ___ws_ses_sec=4863:1629390219282; ___ws_vis_sec=4863:1629390219282; __gads=ID=b4692f526e8d1bdb-22613015afc900d7:T=1629390219:RT=1629390219:S=ALNI_Mbmtvk9Rv_UP8NZd3kFF0Pz6bR0WQ; trc_cookie_storage=|taboola global:user-id=ab66072a-850a-4648-972c-02b580b33d65-tuct8180b0b; denakop_freq={}; _tb_sess_r=https%3A//www.correiodopovo.com.br.admin-mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
server: Azion IMS
x-original-image-size: 99299
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 101266
expires: Sat, 18 Sep 2021 16:23:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.676347:1629388217/ 44 KB
44 KB 35ms
34ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.676347:1629388217/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 861e0b076034a66c9897ef04127984e22201dd80c5df8812775431bc49aad691

Request headers

:path: /image/policy:1.676347:1629388217/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma: no-cache
cookie: _dlt=1; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.2.1629390219377.1856445980; _ga_B73LS4GNNN=GS1.1.1629390219.1.0.1629390219.0; _ga=GA1.1.560172395.1629390219; __qca=P0-1949772677-1629390219384; ___ws_ses=EB92B5352E62E416.1; ___ws-sr=https://www.correiodopovo.com.br.admin-mcas.ms/; ___ws_vis=EB92B5352E62E416.1629390219282; ___ws_ses_sec=4863:1629390219282; ___ws_vis_sec=4863:1629390219282; __gads=ID=b4692f526e8d1bdb-22613015afc900d7:T=1629390219:RT=1629390219:S=ALNI_Mbmtvk9Rv_UP8NZd3kFF0Pz6bR0WQ; trc_cookie_storage=|taboola global:user-id=ab66072a-850a-4648-972c-02b580b33d65-tuct8180b0b; denakop_freq={}; _tb_sess_r=https%3A//www.correiodopovo.com.br.admin-mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
server: Azion IMS
x-original-image-size: 41690
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 45290
expires: Sat, 18 Sep 2021 16:23:40 GMT

GET
H2 200 .png
www.correiodopovo.com.br/image/policy:1.676326:1629386842/ 13 KB
13 KB 36ms
35ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.676326:1629386842/.png?f=1x2&$p$f=9e999c1&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 84924bd5fb48160f34cece533dc243abf2110c389a72bac0f1dff69e3c0b354c

Request headers

:path: /image/policy:1.676326:1629386842/.png?f=1x2&$p$f=9e999c1&w=360&$w=1071b2b
pragma: no-cache
cookie: _dlt=1; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.2.1629390219377.1856445980; _ga_B73LS4GNNN=GS1.1.1629390219.1.0.1629390219.0; _ga=GA1.1.560172395.1629390219; __qca=P0-1949772677-1629390219384; ___ws_ses=EB92B5352E62E416.1; ___ws-sr=https://www.correiodopovo.com.br.admin-mcas.ms/; ___ws_vis=EB92B5352E62E416.1629390219282; ___ws_ses_sec=4863:1629390219282; ___ws_vis_sec=4863:1629390219282; __gads=ID=b4692f526e8d1bdb-22613015afc900d7:T=1629390219:RT=1629390219:S=ALNI_Mbmtvk9Rv_UP8NZd3kFF0Pz6bR0WQ; trc_cookie_storage=|taboola global:user-id=ab66072a-850a-4648-972c-02b580b33d65-tuct8180b0b; denakop_freq={}; _tb_sess_r=https%3A//www.correiodopovo.com.br.admin-mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
server: Azion IMS
x-original-image-size: 370561
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 12842
expires: Sat, 18 Sep 2021 16:23:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.676119:1629338530/ 31 KB
31 KB 37ms
36ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.676119:1629338530/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: d025a27dc3e3879941e51a2984821867f9df4ddd4796995627550c6c101afa08

Request headers

:path: /image/policy:1.676119:1629338530/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma: no-cache
cookie: _dlt=1; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.2.1629390219377.1856445980; _ga_B73LS4GNNN=GS1.1.1629390219.1.0.1629390219.0; _ga=GA1.1.560172395.1629390219; __qca=P0-1949772677-1629390219384; ___ws_ses=EB92B5352E62E416.1; ___ws-sr=https://www.correiodopovo.com.br.admin-mcas.ms/; ___ws_vis=EB92B5352E62E416.1629390219282; ___ws_ses_sec=4863:1629390219282; ___ws_vis_sec=4863:1629390219282; __gads=ID=b4692f526e8d1bdb-22613015afc900d7:T=1629390219:RT=1629390219:S=ALNI_Mbmtvk9Rv_UP8NZd3kFF0Pz6bR0WQ; trc_cookie_storage=|taboola global:user-id=ab66072a-850a-4648-972c-02b580b33d65-tuct8180b0b; denakop_freq={}; _tb_sess_r=https%3A//www.correiodopovo.com.br.admin-mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
server: Azion IMS
x-original-image-size: 30560
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 31526
expires: Sat, 18 Sep 2021 16:23:40 GMT

GET
H2 200 .jpg
www.correiodopovo.com.br/image/policy:1.676179:1629371835/ 30 KB
30 KB 66ms
65ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.676179:1629371835/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 56e3380155b869c8a21b9fe714b4f1206ac504f1d0dd9ecd212d0909d5db0369

Request headers

:path: /image/policy:1.676179:1629371835/.jpg?f=1x2&$p$f=e75c2d9&w=360&$w=1071b2b
pragma: no-cache
cookie: _dlt=1; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.2.1629390219377.1856445980; _ga_B73LS4GNNN=GS1.1.1629390219.1.0.1629390219.0; _ga=GA1.1.560172395.1629390219; __qca=P0-1949772677-1629390219384; ___ws_ses=EB92B5352E62E416.1; ___ws-sr=https://www.correiodopovo.com.br.admin-mcas.ms/; ___ws_vis=EB92B5352E62E416.1629390219282; ___ws_ses_sec=4863:1629390219282; ___ws_vis_sec=4863:1629390219282; __gads=ID=b4692f526e8d1bdb-22613015afc900d7:T=1629390219:RT=1629390219:S=ALNI_Mbmtvk9Rv_UP8NZd3kFF0Pz6bR0WQ; trc_cookie_storage=|taboola global:user-id=ab66072a-850a-4648-972c-02b580b33d65-tuct8180b0b; denakop_freq={}; _tb_sess_r=https%3A//www.correiodopovo.com.br.admin-mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
server: Azion IMS
x-original-image-size: 31660
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 30412
expires: Sat, 18 Sep 2021 16:23:40 GMT

GET
H2 200 urna-eletronica.jpeg
www.correiodopovo.com.br/image/policy:1.505709:1622240031/ 6 KB
7 KB 66ms
65ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/image/policy:1.505709:1622240031/urna-eletronica.jpeg?f=1x2&$p$f=8514047&w=360&$w=1071b2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: 07e7639fb13d04a7bf8a7fa3d30c08e115146227f175ed1cae1bf365dcdbb2d4

Request headers

:path: /image/policy:1.505709:1622240031/urna-eletronica.jpeg?f=1x2&$p$f=8514047&w=360&$w=1071b2b
pragma: no-cache
cookie: _dlt=1; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.2.1629390219377.1856445980; _ga_B73LS4GNNN=GS1.1.1629390219.1.0.1629390219.0; _ga=GA1.1.560172395.1629390219; __qca=P0-1949772677-1629390219384; ___ws_ses=EB92B5352E62E416.1; ___ws-sr=https://www.correiodopovo.com.br.admin-mcas.ms/; ___ws_vis=EB92B5352E62E416.1629390219282; ___ws_ses_sec=4863:1629390219282; ___ws_vis_sec=4863:1629390219282; __gads=ID=b4692f526e8d1bdb-22613015afc900d7:T=1629390219:RT=1629390219:S=ALNI_Mbmtvk9Rv_UP8NZd3kFF0Pz6bR0WQ; trc_cookie_storage=|taboola global:user-id=ab66072a-850a-4648-972c-02b580b33d65-tuct8180b0b; denakop_freq={}; _tb_sess_r=https%3A//www.correiodopovo.com.br.admin-mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
server: Azion IMS
x-original-image-size: 9154
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 6652
expires: Sat, 18 Sep 2021 16:23:40 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4199
date: Thu, 19 Aug 2021 15:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 19 Aug 2021 17:13:41 GMT

GET
H2 200 12.png
www.correiodopovo.com.br/imagens/icons/93x93/ 2 KB
2 KB 59ms
58ms Image
image/webp 194.126.175.195
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correiodopovo.com.br/imagens/icons/93x93/12.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.126.175.195 Amsterdam, Netherlands, ASN29802 (HVC-AS, US),
Reverse DNS: 194-126-175-195.static.hvvc.us
Software: Azion IMS /
Resource Hash: ce52949e9b1d83b7909932a5a0893e2f7aa0a447c853e21956cf91bc7fbc902d

Request headers

:path: /imagens/icons/93x93/12.png
pragma: no-cache
cookie: _dlt=1; _pbjs_userid_consent_data=3524755945110770; _fbp=fb.2.1629390219377.1856445980; _ga_B73LS4GNNN=GS1.1.1629390219.1.0.1629390219.0; _ga=GA1.1.560172395.1629390219; __qca=P0-1949772677-1629390219384; ___ws_ses=EB92B5352E62E416.1; ___ws-sr=https://www.correiodopovo.com.br.admin-mcas.ms/; ___ws_vis=EB92B5352E62E416.1629390219282; ___ws_ses_sec=4863:1629390219282; ___ws_vis_sec=4863:1629390219282; __gads=ID=b4692f526e8d1bdb-22613015afc900d7:T=1629390219:RT=1629390219:S=ALNI_Mbmtvk9Rv_UP8NZd3kFF0Pz6bR0WQ; trc_cookie_storage=|taboola global:user-id=ab66072a-850a-4648-972c-02b580b33d65-tuct8180b0b; denakop_freq={}; _tb_sess_r=https%3A//www.correiodopovo.com.br.admin-mcas.ms/; _tb_t_ppg=https%3A//www.correiodopovo.com.br/%3F
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.correiodopovo.com.br
referer: https://www.correiodopovo.com.br/?
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.correiodopovo.com.br/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
server: Azion IMS
x-original-image-size: 2083
vary: Accept
content-type: image/webp
v: 5
cache-control: max-age=2592000
x-ims: Enabled
content-length: 1762
expires: Sat, 18 Sep 2021 16:23:40 GMT

POST
H2 204 report-page-structure
nr-events.taboola.com/newsroom/1.0/correiodopovo/ Frame F0ED 0
0 30ms
30ms Document
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nr-events.taboola.com/newsroom/1.0/correiodopovo/report-page-structure?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=517151357289354419&page.template=home&page.dashboard=home&ui=ab66072a-850a-4648-972c-02b580b33d65-tuct8180b0b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: POST
:authority: nr-events.taboola.com
:scheme: https
:path: /newsroom/1.0/correiodopovo/report-page-structure?page.url=https%3A%2F%2Fwww.correiodopovo.com.br%2F&view.id=517151357289354419&page.template=home&page.dashboard=home&ui=ab66072a-850a-4648-972c-02b580b33d65-tuct8180b0b
content-length: 586
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.correiodopovo.com.br
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.correiodopovo.com.br
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

server: nginx
x-application-context: front-page-event-server:production
tbl-x-upstream: 10.45.95.36:8080
accept-ranges: bytes
date: Thu, 19 Aug 2021 16:23:40 GMT
via: 1.1 varnish
x-served-by: cache-hhn4068-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1629390220.042044,VS0,VE9

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 235 KB
68 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=18527374439388e963b3290e2d55b0af

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50a3768a8e98b8ac8e0ef6c003dcc7079542292d74d7db73200fb8a2569da4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lugqWSnaH/W0qYoj2QaIBg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69730
x-fb-rlafr: 0
x-fb-debug: IHyzEkJ1eaNohEhG1b5WyHJXdToNnHKIpDcb79jVb6QP+Qys5Zg0uvdCgbasJ8rb014GmTcxBmC2yA1XjzLznQ==
x-fb-content-md5: c94843335a12366113f8e4feda4eb857
x-frame-options: DENY
date: Thu, 19 Aug 2021 16:23:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c2dfd92f355b1bd17ea28475e7dbf71c"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 19 Aug 2022 14:00:58 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 7607 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.correiodopovo.com.br/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 74703
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 19 Aug 2021 16:23:40 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6711)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3-29 200 tkHaYUV2MDY Show response
www.youtube.com/embed/ Frame 948A 56 KB
24 KB 53ms
52ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/28f65009/www-widgetapi.vflset/www-widgetapi.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f78040df7838e5a8b78f06fd41f47dbfaf4ece55c04bf3f0d9b78a5f079422cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=Yf7fW70y3QM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Aug 2021 16:23:40 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=1e96AWhaNnY; Domain=.youtube.com; Expires=Tue, 15-Feb-2022 16:23:40 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+247; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=client/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ 70 KB
24 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=client/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_2?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bb18c2bda7f90454e5f696a0c7c34b989b19a2033f3bbb149ee61fa08c661c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24574
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 20:18:16 GMT

GET
H2 200 3680.js Show response
go.trvdp.com/init/ 23 KB
23 KB 105ms
48ms Script
binary/octet-stream 2600:9000:2156:6200:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/3680.js?pid=2617
Requested by: Host: stg.truvidplayer.com
URL: https://stg.truvidplayer.com/index.php?sub_user_id=870&widget_id=3680&playlist_id=2617&m=a&cb=2377075764330201
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6200:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00fed2da5781a8401ff55ba3fd96b6f29e17c802c7636c1be141a7705cd7ee48

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:42:13 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
last-modified: Tue, 27 Oct 2020 11:05:42 GMT
server: AmazonS3
age: 24367288
etag: "270eed6f93a6caf3e2976ddfbf017ed6"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 23347
x-amz-cf-id: 8cs5XVxlrC5DsV6-UkfLkZv1po8C5e5Xaboqqwc59PaLyr2Qh7dQ4g==

GET
H3-29 200 api.gif
v3.denakop.com/ 0
346 B 349ms
348ms Image
image/gif 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=MQaKD8QpTKu%2BNM9cxv%2BDhg%2F0&v=5.0.0&sw=1600&sh=1200&ac=a&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&t=1629390220161&cb=0.7926355569238039&r=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:40 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 6814ba4c0de24e61-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
853 B 42ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 25ms
22ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.correiodopovo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 242 KB
59 KB 452ms
451ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2042573796895344&correlator=1188299010451028&output=ldjh&impl=fifs&eid=31062315%2C20211866%2C31062297&vrg=2021081601&ptt=17&sc=1&sfv=1-0-38&ecs=20210819&iu_parts=21715141650%2Cdesktop_scroll%2Cdesktop_under&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90%7C970x250%7C728x180%2C970x90%7C728x90&prev_scp=dk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%26device%3Ddesktop%26auto_ad%3Dscroll%26account_id%3D10102%7Cdk_refresh%3Dtrue%26index%3D2%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%26device%3Ddesktop%26auto_ad%3Dscroll%26account_id%3D10102%7Cdk_refresh%3Dtrue%26index%3D1%26hostname%3Dwww.correiodopovo.com.br%26pathname%3D%252F%26device%3Ddesktop%26auto_ad%3Dunder%26account_id%3D10102&cookie=ID%3Db4692f526e8d1bdb-22613015afc900d7%3AT%3D1629390219%3ART%3D1629390219%3AS%3DALNI_Mbmtvk9Rv_UP8NZd3kFF0Pz6bR0WQ&bc=31&abxe=1&lmt=1629390220&dt=1629390220176&dlt=1629390218314&idt=1027&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C315%2C315&adys=2213%2C3983%2C0&adks=2385644847%2C1717172393%2C3077234133&ucis=1%7C2%7C3&ifi=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C1600x-1%7C970x-1&msz=1600x-1%7C1600x-1%7C970x-1&ga_vid=560172395.1629390219&ga_sid=1629390219&ga_hid=89583392&ga_fc=false&fws=4%2C4%2C516&ohw=1600%2C1600%2C1600&btvi=1%7C2%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

752f84549dbec62fcedc9101d32d7f61ea2bfb259e0c8302ef17d3aef7287e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60383
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A8FC 6 KB
3 KB 48ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 19 Aug 2021 16:23:40 GMT
expires: Fri, 19 Aug 2022 16:23:40 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 api.gif
v3.denakop.com/ 0
346 B 352ms
352ms Image
image/gif 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=MQaKD8QpTKu%2BNM9cxv%2BDhg%2F0&v=5.0.0&sw=1600&sh=1200&ac=a2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&t=1629390220185&cb=0.8690543013575809&r=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:40 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 6814ba4c2e2e4e61-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 2038943760-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 2ACA 10 KB
5 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.correiodopovo.com.br&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4265
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 02:24:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 12:14:43 GMT

GET
H3-29 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 2ACA 13 KB
5 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d99dccc4af2dcb8e3b64249fb88549b5f0368708eec4b4c0acadc177b3ddce75

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g6Yz4UWicd9AVZaeQvYgYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "27112d2024262eac57ac21d95a79218e"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-g6Yz4UWicd9AVZaeQvYgYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 19 Aug 2021 16:23:40 GMT

GET
H3-29 200 api.gif
v3.denakop.com/ 0
346 B 369ms
368ms Image
image/gif 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=MQaKD8QpTKu%2BNM9cxv%2BDhg%2F0&v=5.0.0&sw=1600&sh=1200&ac=a&aa=under&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&t=1629390220186&cb=0.051837926942949863&r=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:40 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 6814ba4c2e324e61-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
23 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=89583392&t=pageview&_s=1&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dr=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&ul=en-us&de=UTF-8&dt=Correio%20do%20Povo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1909659193&gjid=1425438621&cid=560172395.1629390219&tid=UA-4083550-1&_gid=1633461912.1629390220&_r=1&gtm=2wg8i0MFKL3B&did=i5iSjo&z=1483184086

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 320F 38 KB
6 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 05:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
age: 124613
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
expires: Thu, 18 Aug 2022 05:46:47 GMT

GET
H3-29 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 320F 252 KB
72 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&layout=default&count=default&origin=https%3A%2F%2Fwww.correiodopovo.com.br&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 05:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
age: 124613
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
expires: Thu, 18 Aug 2022 05:46:47 GMT

GET
H/1.1 200
OK / Show response
msgws.webspectator.com/server/ssl/2.1/ 67 B
248 B 492ms
111ms Script
text/javascript 34.234.139.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://msgws.webspectator.com/server/ssl/2.1/?guid=a3519478-d861-e3db-d9c7-f41d20a8e693&appkey=w5tlOg
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ortc-heartbeat1sec-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.139.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-139-177.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4a2a801c9c80fdddf923fc6b0c364467a102da2ca6a46afaffca59819f030539

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:23:40 GMT
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-4083550-1&cid=560172395.1629390219&jid=1909659193&gjid=1425438621&_gid=1633461912.1629390220&_u=YADAAEAAAAAAAC~&z=1063549236

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 19 Aug 2021 16:23:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 320F 156 B
181 B 7ms
6ms Image
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 23:43:50 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 319190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
expires: Mon, 15 Aug 2022 23:43:50 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ Frame 2ACA 50 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ded3de6711e90ee906834dbd64ff18636b3f1a2463825e13f2fa0600417bfe2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 16:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17956
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 16:26:56 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VH600BGGZW

Requested by

Host: paywall.correiodopovo.com.br
URL: https://paywall.correiodopovo.com.br/wid/script/1?tags=&loc=https://www.correiodopovo.com.br/?&is_visitor=true&is_freemium=true&is_customer=true

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fab691a728da4902c784c1b70396575994f5b58904589b9e8fcf8178d793a509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51347
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:40 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VH600BGGZW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c61db6d0ea4f9a49b00b544649525a3d0f2e695734d4c0b56b96ec47cdfbab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51368
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:40 GMT

GET
H3-29 200 status
www.facebook.com/x/oauth/ 0
0 38ms
37ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=898700906848364&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=18527374439388e963b3290e2d55b0af

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/;
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: JztIum4REuCW95HcZSyxHSSRye3zAD+gIHApFPOvK60eMBQe+kuP1MqnffCMMUmDliFC3U6A3T51W2XGQgNdmw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 Aug 2021 16:23:40 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 16293385653861_normal.jpg
digital2.correiodopovo.com.br/files/flip/CPOVO/15413/up/ Frame 3061 181 KB
181 KB 477ms
114ms Image
image/jpeg 3.232.160.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digital2.correiodopovo.com.br/files/flip/CPOVO/15413/up/16293385653861_normal.jpg
Requested by: Host: portal.correiodopovo.com.br
URL: https://portal.correiodopovo.com.br/includes/input/capajornal.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.160.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-160-141.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: f76081c634affb1076f08554b6a158f3aca8fbd59610c09ec128ad42fb14325b

Request headers

Referer: https://portal.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Thu, 19 Aug 2021 16:23:40 GMT
Last-Modified: Thu, 19 Aug 2021 02:07:01 GMT
Server: Apache-Coyote/1.1
ETag: 16293385653861_normal.jpg_184890_1629338821000
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public; max-age=31536000
Content-Disposition: inline; filename=16293385653861_normal.jpg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 184890
Expires: Sun, 05 Sep 2021 17:04:09 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/28f65009/ Frame 948A 329 KB
45 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/28f65009/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c0cd3df51c8bd65a1aea744bc15160735e5b6dcfa511aca48c0ff52b2cffd79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 06:40:30 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 21:43:17 GMT
server: sffe
age: 34990
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46223
x-xss-protection: 0
expires: Fri, 19 Aug 2022 06:40:30 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/28f65009/www-embed-player.vflset/ Frame 948A 193 KB
64 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/28f65009/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b24688318f26da95db925a6cd70255f8bdf4bdf4fcebbed6dbeaa14c54aa1a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 06:40:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65202
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 21:43:17 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 06:40:23 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/28f65009/player_ias.vflset/en_US/ Frame 948A 2 MB
495 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/28f65009/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea190595c08151551e1c58d7e9c45004cdc6d5c49f7e87aa929be89b83bc8d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 06:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 21:43:17 GMT
server: sffe
age: 34978
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 507209
x-xss-protection: 0
expires: Fri, 19 Aug 2022 06:40:42 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/28f65009/fetch-polyfill.vflset/ Frame 948A 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/28f65009/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 06:40:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 21:43:17 GMT
server: sffe
age: 34997
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Fri, 19 Aug 2022 06:40:23 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 948A 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 240979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:27:21 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ Frame 320F 125 KB
41 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d0d9d085dd67a5433f67110f9cec09f5a7fbb704aebc6f9b8f26247da253a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 17:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41988
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 17:11:05 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 7607 232 B
433 B 166ms
129ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=8ba76f11a7905fa3ea1aeca2061ea26e0ea95fc7

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.correiodopovo.com.br

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:23:40 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 415da56889364d5098624d8589415690fae8608eb9f6e032be6869f3864db05f
content-length: 166

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-4083550-1&cid=560172395.1629390219&jid=1909659193&_u=YADAAEAAAAAAAC~&z=1873853191

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-4083550-1&cid=560172395.1629390219&jid=1909659193&_u=YADAAEAAAAAAAC~&z=1873853191

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 15ms
14ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VH600BGGZW&gtm=2oe8g0&_p=89583392&sr=1600x1200&ul=en-us&cid=560172395.1629390219&_s=1&dl=https%3A%2F%2Fwww.correiodopovo.com.br%2F&dr=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&dt=Correio%20do%20Povo&sid=1629390220&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VH600BGGZW&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 23ms
22ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding: gzip
etag: "7a6ef5412d45e94af6813e18c060355d"
age: 8435
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5990
x-amz-id-2: 5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by: cache-fra19137-FRA
last-modified: Tue, 06 Jul 2021 14:02:32 GMT
server: AmazonS3
x-timer: S1629390220.435340,VS0,VE0
date: Thu, 19 Aug 2021 16:23:40 GMT
vary: Accept-Encoding
x-amz-request-id: KQE2YD0951MP799B
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 62
x-cache-hits: 37214

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
1 KB 21ms
21ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 494
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by: cache-fra19137-FRA
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1629390220.435351,VS0,VE0
date: Thu, 19 Aug 2021 16:23:40 GMT
vary: Accept-Encoding
x-amz-request-id: H26RXF80K5Y33KYT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 62
x-cache-hits: 2532

GET
H2 200 tfa-eid.20210819-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 20ms
20ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210819-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8fcb0634eb65be4266931d8f9535d0eef075c15438aced48de81179a8f774611

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8sd8rumY8Amsy0aEDCTjfV3pk.bU.9Tk
content-encoding: gzip
etag: "665490cfcf7721e3108b076d91bae35e"
age: 18157
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5062
x-amz-id-2: OuwpsE9+ChAoDgehGVgtvfV+4tD2r8GI9v/nmG/iqTBBU7ZV5R0ty2zFWbOhVlp7rblKv4JbiL0=
x-served-by: cache-fra19137-FRA
last-modified: Thu, 19 Aug 2021 11:21:01 GMT
server: AmazonS3
x-timer: S1629390220.439204,VS0,VE0
date: Thu, 19 Aug 2021 16:23:40 GMT
vary: Accept-Encoding
x-amz-request-id: N3NFYFBTF2TDYZGH
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 100471

GET
H2 200 sha256.20210819-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 25ms
25ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210819-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdd1a26159ce6938b63734d54d4fb519633960019cdb383c177462246a656ee1

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: uxerJw9xxcrsSKiBKj0OPMtOKvjeHA1g
content-encoding: gzip
etag: "b6c58ffa1c6fbcb1c829b22f7c744b13"
age: 18143
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2589
x-amz-id-2: YF9gP6irfATNwo2rfcfDGT+rye2hBpeOTvUFAgiqn7V0GprO3Q5swGauUSYQNdoBroywFprYS+k=
x-served-by: cache-fra19137-FRA
last-modified: Thu, 19 Aug 2021 11:21:14 GMT
server: AmazonS3
x-timer: S1629390220.439303,VS0,VE0
date: Thu, 19 Aug 2021 16:23:40 GMT
vary: Accept-Encoding
x-amz-request-id: X6SFTPCQ4821QA34
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 95936

GET
H2 200 tb Show response
15.taboola.com/ 29 KB
8 KB 41ms
38ms XHR
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=correiodopovo&unitType=59&tbloc=&pageType=home&pstn=Slider%20-%20Video&uuip=&cisrf=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&cirf=https%3A%2F%2Fwww.correiodopovo.com.br%2F&encoded=1&uid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&variant=588452|11760131&callback=TRC.videoTagCallbacks.videoCallback1&cb=1629390220471&tagid=&cntry=CH&platform=1&sesid=1978fc5bc9174115d926a0c83cc79729&itemid=/&viewid=1629390219820&geolat=&geoing=&deviceifa=&appid=&sd=v2_1978fc5bc9174115d926a0c83cc79729_25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c_1629390220_1629390220_CIi3jgYQzeNHGKzU5vm1LyABKAEwKziy0A1Au4gQSKKi3QNQ____________AVgAYABosa_ptcr9986tAXAB&ri=4b6fb72b54e300ffc030c4ae90240d16&appname=&cdb=&gdprApplies=false&rid=&sii=-5703500169402860967&oee=true&tpubid=1176013&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BL&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1211637&prcnt=&layer=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e21e263a349fa7d1f8c3a783bec20591a53570cd2cd0d06bb02bf5271ca9027

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: gzip
access-control-allow-origin: https://www.correiodopovo.com.br
machineid: 1429
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4068-HHN
pragma: no-cache
server: nginx
x-timer: S1629390220.483201,VS0,VE17
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20210819-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
5 KB 20ms
19ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210819-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/correiodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 663fb629f188104bc6893c08bac5e7a5030e49e4d2eb46eac667be04f0479fb6

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: a_fN6upca06uGjZ1t5PPxbt54y1ZawrN
content-encoding: gzip
etag: "4e32d1ccc87a1c45f2fac72b02fce5a1"
age: 18160
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5341
x-amz-id-2: khdVlybawVUJcwe9+UDq1Fz1EBM/Qats58GiUZIy1pTK+BBgfJ034KfNe72rZwtsLwrpNdou0LQ=
x-served-by: cache-fra19137-FRA
last-modified: Thu, 19 Aug 2021 11:20:56 GMT
server: AmazonS3
x-timer: S1629390220.486903,VS0,VE0
date: Thu, 19 Aug 2021 16:23:40 GMT
vary: Accept-Encoding
x-amz-request-id: 8AM15GDVCS78BN5B
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 35401

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 948A 113 B
159 B 28ms
27ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/28f65009/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f0d11e681be1647a71288f83be32c0bedaa6e93faa7523df4e1d757d51d1e7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 948A 29 B
523 B 26ms
6ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/28f65009/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:10:36 GMT
x-content-type-options: nosniff
age: 784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Aug 2021 16:25:36 GMT

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 9 KB
4 KB 160ms
116ms XHR
application/json 13.225.78.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=870&wid=3680&cb=6149.841800977045&pid=2617&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&isab=0
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/3680.js?pid=2617
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-63.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: e12aaa0959469a66e442735d1e77ea98c885d6e1cd0d648f1c7a8e51993dc316

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.correiodopovo.com.br
access-control-allow-credentials: true
x-amz-cf-id: 7z52M2CLXxnunJyXIO0Lrtu_NAEG0OAcDUBfPMTDvEC7AS84tjKOWQ==
via: 1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)

GET
H2 204 social
il-trc-events.taboola.com/correiodopovo/log/3/ 0
363 B 243ms
77ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/correiodopovo/log/3/social?route=AM:IL:V&tvi2=84&lti=deflated&ri=4b6fb72b54e300ffc030c4ae90240d16&sd=v2_1978fc5bc9174115d926a0c83cc79729_25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c_1629390220_1629390220_CIi3jgYQzeNHGKzU5vm1LyABKAEwKziy0A1Au4gQSKKi3QNQ____________AVgAYABosa_ptcr9986tAXAB&ui=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&pi=/&wi=-5703500169402860967&pt=home&vi=1629390219820&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%22%2C%22rref%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Correio%20do%20Povo%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A23%3A40.575&id=3736&llvl=1&cv=20210819-5-RELEASE&
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 19 Aug 2021 16:23:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 04b2c3c5b2f872ea27a42356dbc03a0b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 24ms
22ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04b2c3c5b2f872ea27a42356dbc03a0b.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6cbe284fa313ecb089ef64a662a56ae7a3a32399668f0d6930cd6db7a054563d

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 19 Aug 2021 16:23:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 868601
edge-cache-tag: 545741698562285131430645397222161312719,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 26
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/04b2c3c5b2f872ea27a42356dbc03a0b.png
content-length: 14588
x-request-id: ad021aada87b50aad5cb7d43f3ecf120
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Fri, 06 Aug 2021 13:38:57 GMT
server: nginx
x-timer: S1629390221.589113,VS0,VE1
etag: "1818ee29215a692e3da4426588f57508"
x-served-by: cache-wdc5573-WDC, cache-dca17771-DCA, cache-hhn4068-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 d6d46d338affb3594713ba2d27fe615e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
13 KB 28ms
27ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6d46d338affb3594713ba2d27fe615e.jpg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e4a69bec408536da15ef55cf8d3f93838df54b281697786cfb811e168433209

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 19 Aug 2021 16:23:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 1336800
edge-cache-tag: 525163083294109015638049117738518242615,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 116
expiration: expiry-date="Sun, 15 Aug 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6d46d338affb3594713ba2d27fe615e.jpg
content-length: 13228
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Thu, 15 Jul 2021 06:45:14 GMT
server: nginx
x-timer: S1629390221.589583,VS0,VE1
etag: "4a0a12fcf2fecf7db476091da126f542"
x-served-by: cache-wdc5532-WDC, cache-dca17752-DCA, cache-hhn4068-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 63c2eab3-85ec-44cf-a867-e050f656b0b3_1000x600_2ed52e2fec277731fecf1845a9b536e0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/ 11 KB
12 KB 32ms
32ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/63c2eab3-85ec-44cf-a867-e050f656b0b3_1000x600_2ed52e2fec277731fecf1845a9b536e0.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a893ae70978f21865396bab9eb73da9e67aa7b0cd1cba5d3fa562070f40ed2dc

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 19 Aug 2021 16:23:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 3628177
edge-cache-tag: 480467865751547329655453680095528846690,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 42
expiration: expiry-date="Fri, 30 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/63c2eab3-85ec-44cf-a867-e050f656b0b3_1000x600_2ed52e2fec277731fecf1845a9b536e0.png
content-length: 11160
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Tue, 29 Jun 2021 10:06:25 GMT
server: nginx
x-timer: S1629390221.590535,VS0,VE1
etag: "c0cea2dec95132fa7fe4d1bbfaf25969"
x-served-by: cache-wdc5527-WDC, cache-dca17766-DCA, cache-hhn4068-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 df668ac3-b43a-48e0-90fc-30e751b86a89_1d72efbd17a520de228531c4660de706.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/ 16 KB
17 KB 44ms
44ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/df668ac3-b43a-48e0-90fc-30e751b86a89_1d72efbd17a520de228531c4660de706.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3cd7c6a986145bf0944349058344448c6796cf4c46d299d6e6f6af4ec062b208

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 19 Aug 2021 16:23:40 GMT
via: 1.1 varnish, 1.1 varnish
age: 814833
edge-cache-tag: 521174327455466284645874685646831410241,481477739370764300937869058211863991163,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 28
expiration: expiry-date="Thu, 02 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_284%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/df668ac3-b43a-48e0-90fc-30e751b86a89_1d72efbd17a520de228531c4660de706.png
content-length: 16308
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified: Mon, 02 Aug 2021 17:29:09 GMT
server: nginx
x-timer: S1629390221.590484,VS0,VE1
etag: "b23bf099996d4244ef434b3baed1826d"
x-served-by: cache-wdc5581-WDC, cache-dca17725-DCA, cache-hhn4068-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H2 200 UnitSliderDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.5.0/ 95 KB
28 KB 33ms
31ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 155b36117f46d5d84fb616cb2c16b136faec4ba1ba931dbca4d3ff303bb586ef

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront), 1.1 varnish
age: 59814
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 27752
x-served-by: cache-hhn4068-HHN
last-modified: Sat, 07 Aug 2021 09:02:26 GMT
server: AmazonS3
x-timer: S1629390221.608840,VS0,VE0
etag: "be3d4abcc81c94f68801baf49b47998c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: wfhPavDhNHUN8DFjqgH9DGiNewe0FkMNhf6Ma_Y6EP1OM839Zn9Yzg==
x-cache-hits: 786

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/28f65009/player_ias.vflset/en_US/ Frame 948A 95 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/28f65009/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/28f65009/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a102a1b5b55277c428bc37ca425d2a611c5f860920700821fcd25064e8afe50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 06:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 21:43:17 GMT
server: sffe
age: 34978
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29770
x-xss-protection: 0
expires: Fri, 19 Aug 2022 06:40:42 GMT

GET
H3-29 200 XXkzgZ_iluOMdrQKXYNRgqTdRkvmuzerOYXdiSc_i3s.js Show response
www.google.com/js/th/ Frame 948A 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/XXkzgZ_iluOMdrQKXYNRgqTdRkvmuzerOYXdiSc_i3s.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/28f65009/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d7933819fe296e38c76b40a5d835182a4dd464be6bb37ab3985dd89273f8b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 05:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13420
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 15:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 05:12:27 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/28f65009/player_ias.vflset/en_US/ Frame 948A 24 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/28f65009/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/28f65009/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f0984f5505c1c357f99efbdd51b73c4092b248e9d0d32f5da0929c3d98b7bf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 06:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7277
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 21:43:17 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 06:40:42 GMT

GET
H3-29 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 3288 513 B
355 B 37ms
35ms Document
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87933a4715c5638a0fa5f750d7f6f184f1645dc0936ae4e690b765402fc743d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9RdQdm5PH2/5v18dJexxVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=221=B3c6DARwDxs3UqqrqXQkJ4wmtEVxOLl3gRvW8hp-hgk3t58Mf7baeLbS3ir2f39RCVRIVqEOph26bWRxTWeIRRbYDXAJSwTBamytsOsNQugXxLtj9WqN3Zre4_WltxPk-geVLGMTXghEmJh2e3Zd_4m4-yHDHpnMrhDAtwFdPDM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Aug 2021 16:23:40 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-9RdQdm5PH2/5v18dJexxVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 948A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTrXrhy8ab5wE0OH_CM1FqExMJ4ZfJd0enDiEWqmg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 948A 2 KB
3 KB 29ms
6ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTrXrhy8ab5wE0OH_CM1FqExMJ4ZfJd0enDiEWqmg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b5b1f8c0ce1ab29cca4050e19cdb04030d00671931d88126bc8f9c4ebb492aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:18:19 GMT
x-content-type-options: nosniff
age: 321
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2270
x-xss-protection: 0
server: fife
etag: "v9f7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 13 Aug 2021 23:00:56 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/tkHaYUV2MDY/ Frame 948A 23 KB
23 KB 35ms
15ms Image
image/jpeg 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/tkHaYUV2MDY/hqdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ccf6435da591a4b87340abd3b07f73ea4bc3a6b85dbef31bc799cbef552231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1629244764"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23389
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:28:40 GMT

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.659/ 494 KB
134 KB 192ms
13ms Script
application/javascript 2600:9000:2190:4c00:d:3c0f:bcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.659/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/3680.js?pid=2617
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4c00:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8da0d2d21b01e5f7ffaa0e58318c872fefa0a3bf4cc64902daf87d284a589c72

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Jul 2021 11:13:41 GMT
content-encoding: br
last-modified: Sun, 04 Jul 2021 09:43:27 GMT
server: AmazonS3
age: 3993000
etag: W/"ff8ae2e440b49c3f8d0f6f7802fef276"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: LaZEI8_W-84PcMIVSq9ivpY-NcvpbWbILmcoZdPfMGqG5DJ9Z_KYKw==

GET
H3-29 200 container.html Show response
aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A39D 6 KB
3 KB 132ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 19 Aug 2021 16:23:40 GMT
expires: Fri, 19 Aug 2022 16:23:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EE3D 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 19 Aug 2021 16:23:40 GMT
expires: Fri, 19 Aug 2022 16:23:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 46FF 6 KB
3 KB 10ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 19 Aug 2021 16:23:40 GMT
expires: Fri, 19 Aug 2022 16:23:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 262 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f266202b591aab2563e8ef52fcc7cf8d2358f48600ad7f52bc62462787dca01

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 948A 4 KB
2 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/28f65009/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:40 GMT

GET
H2 200 1510909502-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame 3288 116 KB
40 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1510909502-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5abcddb702dd8ad37ea713c701a8f2fca352c6c82d5ddd021f84e7826e51f54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40511
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 02:24:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 10:32:43 GMT

GET
H2 200 cb=gapi.loaded_3 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=gapi_iframes_style_bubble/exm=auth,client,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ 28 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=gapi_iframes_style_bubble/exm=auth,client,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_3?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79d4edf874a483dc0f8a7040e06a4eecd5da5082f94ff8b7fd9fd5cd943c6d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 14:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9533
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 14:27:44 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame 948A 0
39 B 6ms
6ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?w61v6g
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 all.min.css
vacina.saude.rs.gov.br/vendor/fontawesome-free/css/ Frame C812 55 KB
15 KB 706ms
704ms Stylesheet
text/css 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/vendor/fontawesome-free/css/all.min.css
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 17:58:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "dcc5-592af5a54eb00"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 14961

GET
H2 200 css
fonts.googleapis.com/ Frame C812 21 KB
1 KB 17ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a5cfbf045af61b12e14293d0f7bec876e592d4d6ada400c3701d2c42fbe498e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 14:52:48 GMT
server: ESF
date: Thu, 19 Aug 2021 16:23:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 16:23:41 GMT

GET
H2 200 sb-admin-2.css
vacina.saude.rs.gov.br/css/ Frame C812 200 KB
42 KB 707ms
705ms Stylesheet
text/css 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/css/sb-admin-2.css
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: bf01f104e3f0aac9c166497e13b6eb6f81de17598e48be3511bbb3d57d5b864d

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: gzip
last-modified: Mon, 07 Jun 2021 19:04:31 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "31f5b-5c431b61cb708"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 42873

GET
H2 200 dataTables.bootstrap4.min.css
vacina.saude.rs.gov.br/vendor/datatables/ Frame C812 5 KB
1 KB 709ms
708ms Stylesheet
text/css 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/vendor/datatables/dataTables.bootstrap4.min.css
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 17e0da2800a542eb7cee178c202ea84e101132e5a77bcf96cf12034fb8d7b8f0

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 17:58:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "1466-592af5a54eb00"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1284

GET
H2 200 style2.css
vacina.saude.rs.gov.br/css/ Frame C812 1 KB
808 B 710ms
709ms Stylesheet
text/css 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/css/style2.css
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: eed7ceea33ee3b5f6159f6513e4ffd02bf00ab1acfa88ed898195249cb61bf76

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:40 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 12:02:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "549-5c001a181d90e"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 726

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame C812 128 KB
51 KB 53ms
33ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-61N8QP7DNJ

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ded4f0c982c36888327281e503ad553f1316deb52cc8550f98e3be551e844ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51357
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:41 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C065 0
172 B 18ms
15ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ3IHXAhj53tytATAB&v=APEucNWXl2y92n7Vtf2wgY0W-jK-IC5i3-FAVEh5SAY1HGpxpYO5RsDWbWgbccPik5N2FrHLLMUailGtyJ3KCy3cjYR6axRYRw

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COjuwgIQ3IHXAhj53tytATAB&v=APEucNWXl2y92n7Vtf2wgY0W-jK-IC5i3-FAVEh5SAY1HGpxpYO5RsDWbWgbccPik5N2FrHLLMUailGtyJ3KCy3cjYR6axRYRw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 19 Aug 2021 16:23:41 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Aug-2021 16:38:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Aug 2021 16:23:41 GMT
cache-control: private

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame EE3D 114 KB
40 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 07:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 07:15:07 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/ Frame EE3D 6 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 15:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 15:54:52 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame EE3D 18 KB
7 KB 24ms
10ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 15:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 15:12:06 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE3D 42 B
63 B 43ms
31ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_0jiX4_tr6a8IgSm8JPrwHMuzWdUtJohA_DpOH_7oGLKIcRaVmMQjDABEAkIy_0lzD4kjnrdHyF5BWZ6IEKeGQc7lbu0QYKp05PCLQ-M3hYx6oYk

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame EE3D 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 16:07:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE3D 124 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:41 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame EE3D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 16:22:36 GMT

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 52 B
733 B 510ms
136ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.correiodopovo.com.br&l1=3680&l2=correiodopovo.com.br&l3=CH&l4=desktop&cb=0.7787639942295985
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.659/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:41 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 52

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B528 478 B
254 B 21ms
18ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ3IHXAhj53tytATAB&v=APEucNXJHTQilce5DTzY1H17fSFAf0esUM2Z8-oZI31KGBeitHIqmmdIU20kWL0gpuUCjTdBPNmcyLRKMbvEODHsSQrkZnglhA

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COjuwgIQ3IHXAhj53tytATAB&v=APEucNXJHTQilce5DTzY1H17fSFAf0esUM2Z8-oZI31KGBeitHIqmmdIU20kWL0gpuUCjTdBPNmcyLRKMbvEODHsSQrkZnglhA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 19 Aug 2021 16:23:41 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUm1iCE7AHRd10_dPH6RAHxZJkoZXko_FWqmB-Iv0Vi6iWZBy5K5zuQYo8Hl; expires=Tue, 13-Sep-2022 16:23:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Aug 2021 16:23:41 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 46FF 114 KB
39 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 07:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 07:15:07 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/ Frame 46FF 6 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 15:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1828
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 15:53:13 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 46FF 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 15:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 15:12:06 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 46FF 42 B
63 B 29ms
28ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AmJ9nCKxVvmkAc8HmzrryEZZbLM5EWcxVdwH2mUwiLaBJ8CtD8o8yJQU4nV0uzjvdwY2BHYWFlef7nkt3Lp86FI7nFGFsYPaQaui_ytkiFrIsXvLM

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 46FF 2 KB
1 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:20:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 16:20:40 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46FF 124 KB
37 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:41 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 46FF 14 KB
6 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 16:22:52 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C96F 478 B
254 B 25ms
24ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ3IHXAhj53tytATAB&v=APEucNWmHzW-YQA6fortoq1wn_H9pTiSGSKJMcrkUmM93rXeVVWASVtiHuzdeabAbI7IIEbyPb99tquYSjgDkXAavOp8CLZEbQ

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=COjuwgIQ3IHXAhj53tytATAB&v=APEucNWmHzW-YQA6fortoq1wn_H9pTiSGSKJMcrkUmM93rXeVVWASVtiHuzdeabAbI7IIEbyPb99tquYSjgDkXAavOp8CLZEbQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 19 Aug 2021 16:23:41 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUm2sVQqSkXbl8hFiKJrwnYAbH2gP-qqS8OpsTow58Mo4ZF6Q1T-MZxjOL_C; expires=Tue, 13-Sep-2022 16:23:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Aug 2021 16:23:41 GMT

GET
H3-29 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame A39D 114 KB
39 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 07:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Aug 2021 07:15:07 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/ Frame A39D 6 KB
3 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 15:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1828
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 15:53:13 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame A39D 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 15:12:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 15:12:06 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A39D 42 B
63 B 37ms
27ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-As4aLjiC2__Xbwa2ykrDFB_bneUvctz3PTsj36G0GtM4OwAapEJOVtOVtq4zLdyLieFCKfrKClKEQ1oSSAlz0Qd7DNqRVukvqBYFU0E_gdNkhsiDA

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame A39D 2 KB
1 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:20:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 16:20:40 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A39D 124 KB
37 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:41 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame A39D 14 KB
6 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 16:22:52 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A39D 0
0 21ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlEpxdccbqpIomENG1SBvr1UMkgT9ztMUM21peV_da80R1-VtwA9IA3D-Oho3Ahec5CwdJ1kBsx3saMjRqacL2lIAtfw
Requested by: Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 subscribe_embed Show response
www.youtube.com/ Frame 4A13 601 B
297 B 33ms
32ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21b647861b8a83c073951ff7a5e14c7602cc68cba1ec4366688a7403378c2cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Aug 2021 16:23:41 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=vUcT-vNMwLM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Fri, 23-Nov-2018 16:23:41 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+200; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
63 B 16ms
14ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 10:03:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 195585
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 17 Aug 2022 10:03:56 GMT

GET
H3-29 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
63 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 14:10:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 180806
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 17 Aug 2022 14:10:15 GMT

GET
H3-29 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
339 B 7ms
6ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:19:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 183851
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
expires: Wed, 17 Aug 2022 13:19:30 GMT

GET
H3-29 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
137 B 7ms
7ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 01:45:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 225487
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
expires: Wed, 17 Aug 2022 01:45:34 GMT

GET
H3-29 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
138 B 7ms
7ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:47:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 236161
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Tue, 16 Aug 2022 22:47:40 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 9C1A 1 KB
669 B 35ms
33ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&cmcv=&pix=undefined&cb=1629390221183&uv=3005&tms=1629390221183&abt=206725b_vA!adh5c-1_vA!expl_vE!insc_vA!scec9_vB!spa2_vB!t45!ul96147-868_vB&ru=https://www.correiodopovo.com.br.admin-mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=39FB6CD897459923851592585027&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c83fe8bec1c3ee0999674d43b303d3557095aaa5fb6cd5ceef620f3ada7361a9

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&cmcv=&pix=undefined&cb=1629390221183&uv=3005&tms=1629390221183&abt=206725b_vA!adh5c-1_vA!expl_vE!insc_vA!scec9_vB!spa2_vB!t45!ul96147-868_vB&ru=https://www.correiodopovo.com.br.admin-mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=39FB6CD897459923851592585027&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Thu, 19 Aug 2021 16:23:41 GMT
via: 1.1 varnish
x-served-by: cache-hhn4068-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1629390221.196303,VS0,VE11
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame E0E7 1 KB
1 KB 93ms
28ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: be09ab5a5ca3cbdd2ef8d740fd8fbb725fc2f7b7dbcfd0b5847fa1600ee157bd

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

server: nginx
date: Thu, 19 Aug 2021 16:23:41 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
3 KB 91ms
90ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=5854945&noaop=3&sortOrderType=0&cb=1629390221188&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1263&pt=1590349392&tz=120&viewable=true&ddast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2334045&dpubid=324075&abtst=206725b_vA!adh5c-1_vA!expl_vE!insc_vA!scec9_vB!spa2_vB!t45!ul96147-868_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.correiodopovo.com.br&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5045cef562a5c3eb1a0953b3ff8578090439d4883204d78197d0ab120fa4977f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
content-encoding: gzip
access-control-allow-origin: https://www.correiodopovo.com.br
machineid: 1472
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4068-HHN
pragma: no-cache
server: nginx
x-timer: S1629390221.202466,VS0,VE68
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://ads.stickyadstv.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 78ms
25ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66292515&crid=5854945&dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&cmcv=&pix=31589837&cb=1629390221183&uv=3005&tms=1629390221183&abt=206725b_vA!adh5c-1_vA!expl_vE!insc_vA!scec9_vB!spa2_vB!t45!ul96147-868_vB&ru=https://www.correiodopovo.com.br.admin-mcas.ms/&ft=0&unm=SLIDER_INSTREAM&debug=pn:!sqg:!torgn:1629390218218.7!ts:1629390221183&mntl=1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
content-length: 0
server: nginx

GET
H2 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 3288 15 B
173 B 28ms
28ms XHR
application/json 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.correiodopovo.com.br&client_id=172526348210-or5nfffa5l6rbsvruouad2070j7ngoec.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1510909502-idpiframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 19 Aug 2021 17:23:41 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EE3D 0
61 B 97ms
50ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKc7wnDKaeYgvhXIGf3neUAiV3NY4-ttcn_DZfse40kCGFTZ4dq78Eg5iCYiZnZ3aWzLvc6Ww3ZzRy_zkg2v2mlNo6qcbBWh2cuPhD4ulomOFXeZq3pqLYtgE36PpWD1qYe3aPzfDX8UwoPbQ3Y-ME0zqrSFmMXhTBbQxPlm8S3epkOlJvCrBDc_3a6bzsz7RTtRaC9FeCb75ql2TOtXQHi4KzR9O6FhJJWsnxILRMarTlFJ3waNza0qzGOBJPiNlrueB0b6oOeVOyk51mbof57vEYfwmgRiY8lX8ryny22A8oSm0MIu5w0BThqTbrkP0r-yuAJnogl8EWe-u0-BV2fLNJCqpwyo-iZ-ukkASJTXkxePO_uJy0jzQ8KqB-eGXcYJZxncfnXzFRnvfI_rNynlU0r74AQCwLUMHvLEClm64HORQyoltRPEebKJCI4ErovM0MqYSFipcQxt6RNQ2O-zA9dbqMGMd5Rk0hXln1CgcQ2govES4G51f1ZH6j9Wo5c-4dgNS29wGMA5aPId8lSD5id8r4X0tRvcgY32lSTwZ8xoIPWInMMjgHE4i8NB2f2_Wftqtq7wfXi1g3aj1JqAaH_H0Clvulp_UZyyZydh8sB6A6M_1CEC_4moRA9YIpan2PX-vE4d951z2jSkql2D-X-P2PsY41Zdy-hQydlvGUPrSASm58PFTfZOzhCYo4L-BCZJTVZrwzW9sxGW_bnmLy4uchYVJjN4X8O2FM4y4n7xgvbWh2mRzs5AJY_C8GGAk78TYM5M39ohSA_E83xl_TB6ZOih1W5uMrVutSNe2Hutqqr6CLL4KnK6Xdd1D9qnofzDkcFc-ygtIsH0H-QgWHcafBU-FG-VNysNeAzVbnRlLIKoE-uNs-ZFZ90Iucw_C08V03J2mw4SxTwbsheK28Zwfa-8oCpv3gppebToKzvq0NQ_s6Rxvba36ka_Tr5gCtMKalgyH7ujaQvxt0I3An16hVyUIxO85MuvYgijuZVYuF9FZitAg6g2eWXpA_TkveHh4GhSYFyyDa-s0I1MLNUBk0YoiXp90rufiniD-MR3W54htBgvoRxVGqfyhJ8SnYvh2vGtgJjQBp4h6HBigg5DFbn_cYDMsEZDxgiKBJLVrZIZe5tCcYJjzNxhzzBevfrfwKnQyyXzvEO5DZSMgI1l84tRUnkyapLZmZtDvMiEUoUEVB_UKHGZee5KtYoFWd1joXI53ufOkdDLYC0kGDSoCZUBH0ZxGvQsoQlyn0r-DxdcW0zAM5Rg&sai=AMfl-YT1n21WfyCjhaBFqmmHKbkzHNyr8DaWyKfB9mmwupkldFUX2aaFwGx98cbsf1T6mIxQNlbBI2xxN949kYhVtD-ckyFk1kRYV_A6SykoGiwA5HcB64_CK9b_haaT27-Xwf5UbRht5NCqm8ZCcTG1vHjUVbzClNnI0jod0YZJW-3jmfKanBQfdfUMmbgWPtN8RzgMkm7dKqqMApmLWUIqD7F3Etjd6S90lNjH3PoRqBM18mMZtism4cPyAIB2h0MLkijEbDHMOjzE7Zd_6do75FBR498vbGM&sig=Cg0ArKJSzL5vf2qopK5cEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=173&cbvp=1&cisv=r20210816.43705&adurl=

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 19 Aug 2021 16:23:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 6652191119280040505
s0.2mdn.net/simgad/ Frame EE3D 32 KB
32 KB 28ms
11ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6652191119280040505

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cdeb18ef075aacfb464de5144f3817ee9196e4a77e53bd1791e05a67bc809a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:51:25 GMT
x-content-type-options: nosniff
age: 293536
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33023
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 06:51:25 GMT

GET
H3-29 200 6652191119280040505
s0.2mdn.net/simgad/ Frame 46FF 32 KB
32 KB 17ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6652191119280040505

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cdeb18ef075aacfb464de5144f3817ee9196e4a77e53bd1791e05a67bc809a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:51:25 GMT
x-content-type-options: nosniff
age: 293536
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33023
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 06:51:25 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 46FF 0
592 B 85ms
46ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWRnOyvUqGBpGxmTsyosYjwK3lhuer0XpLZ0gabCedgRZhzbN5YFahh3GRPIWm_1YQJn4pCZPABTtfhDADU4b8ySvwf5sVf3pCoqUN3ouZnOpnWwhGtYKVmM2C-v-2JeHQ8fTEvGor2akHCll4ZDG8OGSVuInXDYiX8D-HcjqzHFPctan_A7-UFOtdDHH8snZuMVjI7esVP6j35c2Jgf0HbJ5HYs-_YO1sqYVkDJGsKGWyMKEpcXUOxxdc2LeRivviyxzQZBEq_BbU-DXx6R4wwgNOkF7le2RHlacT__ApnYe1E5JAm8NhlAZTMnJdshx-9T1DiPcZ0G_b68JqTcnUb4wUVG5rZSQIO_2ld_-vDqkxtFOKV1673CZeWpXhuESMfAxo-QHyLmMyu3-AApCNdrpCjhXGExphB8UB37RO8hm6Im3mTkg1KOC-wEceNcPFaen6NgiKTRhoe7ildikZgVg-cD5kHIKx7NAS7WlNfgLDj5OZWaZlPStMx8-yYjQZi3cTsrHqgUVDtFjxA5P1wcIXbyrKeyrveB98S76dXzDSLLEeaF1bgFy8VOThwSr4WX4p2nePWzhdutwQDqNUmvqpOW_GFlBJ-sBm660fTM0y_80zEExGPp_Tfivpc1x6RSrwJinF2eCPSHtr61ylFny0iu2F_4kXa8Yv1SdLEeXgG5Olxq8rQimKwOeL7acCZAz6o6WEOaxnnlJF1KJILsvXtYD3N2MfJHJdn7MT1WjY9JmqBMfehy3-aMGCvxdaWD7IvSjA0hSzU6fBYK_M6k5csR8Cgv5eFnNzG1uD1sCA31iXM-ilU3zPjgpSNSJuZDpxocJKNqJTlFI55P7i92mREiLDbW3bwAHV0uHni0zOp6dXBM6qc9F6WrZdv31aE4BECYU9dfjHoxCzmmDv2SQbg36VgfeyG06ucx4Cu1EeGxTWGHfU-7iqEOMMnMG8BYTQxAXefopMhnFcbz8BqcSjLHGQg7hT4rcWrUmgk3b-3T6QrY4I2juhx39_pp8ZfMBGBMwia-LjapCwuugvG71DyheQTcTB1IKVldyr2Hk29Z3JbDajMxi6WCAgol2mzbj46_zYxwWZe-RZAvzmJLtBPW_D1uE0ePjlyt5PnL50JLHRIRqC7-3fty9zOSo0oVZ9q80bKUZ2zkdIbzr_sSBr2onKJ6LahVXtoIOkPQSpoD2hHXRHWBrugLnnxjo3OLifkRpcE6CQeT7JSk-wC5cNxVEjlwYR3S4TTcNdiVMKJW3rZgy5lop3&sai=AMfl-YSj3bajMI0DfxKd3pzqAXta_kLIbUKEGRPoiAIBTkqqNHaikuScYPA07ObbHzFvJfKDWXg9xBCS_gyVQFOvgJacGUVTDfFQMPDd4CAIrKDKsFGL1FIpCCOiXj6undSDpy8r-FdWvxBpdTYc3y2smBVWh72L0lAK5_3T0TUwMA-CZ5HX6OL-AoBT7pKURvbcwZQj1tdu-euEfEHryjmeh9ty4dmyAC6a93bs1uuwXMFIo2CRXxitrn7e6-O8jFd-9mTHD6xurOfzTVViVUEAi8dFSqe8ppE&sig=Cg0ArKJSzKT3GxW6BobLEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=147&cbvp=1&cisv=r20210816.94073&adurl=

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 19 Aug 2021 16:23:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 6652191119280040505
s0.2mdn.net/simgad/ Frame A39D 32 KB
32 KB 15ms
11ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6652191119280040505

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cdeb18ef075aacfb464de5144f3817ee9196e4a77e53bd1791e05a67bc809a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:51:25 GMT
x-content-type-options: nosniff
age: 293536
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33023
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:38 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 06:51:25 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A39D 0
61 B 81ms
47ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8DFFvwaD7r6KCZcAuOCcFjy2gbfSjpEI_TDCszqeJOZXhBknU6jWbD-9dRwE3FbmmLLc3s-Qjzxr1AToolecLhxYuEjw1HnH0H18RzRLHpFYf-liJfekKTX_HEHWI6bJ5072ROnyjsKoAJGImKvD8Ih5JV72OT8XJ5TErj5_ZSe2fBJS_CYhBYmO0zgZOpEFZRu_Ve75XD4YYnTd1ngNn4NwfFivsx_Eisd90RgTd1Vm3XV9pQZC2KdIS8nTS5pl0kA2wdNBQAS-YF3YJBWS9R6zt533xSFtW_Dc0qn0-dfFlB1IWzvnbTsOBqZC_5ykhlSx6_IjHW_xzTCC9ApItNabf2Kni7nogmoGD6ugaZGPCODbFSbfrMigSV5gSj5N1AGD-WywqdAFaUUpgAeqXPjB9WMjc1WbQaDyEnf_l84Ju09rYUFGI33he1xY5Zr5k_1nFHoPZ4PSerRnpzPhsNUSlNaTBU9kiDlQlrxsusv9EgwDOTFXF-E3X_UUWMz6_CNBsHV6iNgHGwaWs8DhR8zbA4DqiRNlO-JQaSBAAoE7rk6dw0X2K3KSnp4_AsxeNCPWh1gPvv4rVW6rAA8HwxmCwuiQgg0jq2XigoXOx6_u-rI2jqcG5jRqixXV3FJNP8zkii57Sch7SqZxOurgnJkOODvBGVeJndizo8uvnjfz0xWbse20L962qBEbMlSRoqg2kNKahksWTIEO94OG6bpARiSwJlRQJd_EEPMfr8qzVBWlY33-2YyIBjtm0SXk3C3XrUOEqtgDogOnZGiTdZq3gM51mwDWmLY9T6dNwbkWEi_f3FHh46_heFfFgAx6nEjB3qea0ldNpKcTJp7YS87bMJvDoQo5Gc5EbvhjKs8UxE-pXnu1lvHiNxykg5TsG9S7tr4Z61DBbOAbQBqx3GxAbjRpru5F1LLszLCjWGXORT-8enCfkwaWt_3blePdTO8mCyX9X0ba3NZ_85-QsLoJfVKbZaVRBnq81rbzhwiZHhkHb2QcA4mV-DL7RuIIq6GZGQY5hdQQhzybkef-q5MBY4NK3rFeCQzVD-O7bb33Ey8wdthL2230wXuWiJi6WSykMXSjVydVDiPLjAetRkiwp_KrFSZWP0xWI0qkTZXSpERBDWGkgxmhl99WRxhMjkLTNDUCtvzUAGe33iihjBjRyV2ouklTKYUJ752TXmKZ8vKOKRjcr2q-ge-GEtvkGGrZZ75KekXrR5aevA1en3k60Bs1xD4LxwbWJQaNEnbcLcof51OYw&sai=AMfl-YTVRUBFbxNNR3VP7ZVDRkG50kOkkk7Bbjl6U9gGA9dHXhTc_v9UvmOy5rzngT8GPIjJEFidGl4GmiA8veJic0wBLh8wjduujkzvrhN0SjW0PONU11enjVO0aLJTUBxXA5kioWRpr2LrLcFLnqJhHoZE5byu4kXVEjB6aWNttgARGIjeoS6xTt6Butw3O4OT0CpuLGmdSlpwo2SUS4zXbBYMtA2gX7EGd6unSwjXSfDGvf5PQUHRBz2--wmAOnUXYFfQgnF-FJKjbzbK7Earvqypg5Eg0Pk&sig=Cg0ArKJSzEJT7deuKetKEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=136&cbvp=1&cisv=r20210816.65417&adurl=

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 19 Aug 2021 16:23:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EE3D 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 15:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3095
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 15:32:06 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 10CD 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Aug 2021 11:56:19 GMT
expires: Fri, 20 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 16042
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EE3D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7da43a5c29263382bce4ca5dfa6a7010733ef92489ed3b11bd2bf9e31e018120

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 46FF 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 15:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3095
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 15:32:06 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B508 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Aug 2021 11:56:19 GMT
expires: Fri, 20 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 16042
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 46FF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03c95f14e40c3cd078d066032a2b1b956288de8c4884f91c570dce723ff8c383

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame B528 170 B
232 B 33ms
29ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ3IHXAhj53tytATAB&v=APEucNXJHTQilce5DTzY1H17fSFAf0esUM2Z8-oZI31KGBeitHIqmmdIU20kWL0gpuUCjTdBPNmcyLRKMbvEODHsSQrkZnglhA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B528
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPF5F7G1_rtjLjdemPNkmjw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPF5F7G1_rtjLjdemPNkmjw&google_cver=1&C=1

43 B
1014 B

39ms
38ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPF5F7G1_rtjLjdemPNkmjw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ3IHXAhj53tytATAB&v=APEucNXJHTQilce5DTzY1H17fSFAf0esUM2Z8-oZI31KGBeitHIqmmdIU20kWL0gpuUCjTdBPNmcyLRKMbvEODHsSQrkZnglhA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 16:23:41 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPF5F7G1_rtjLjdemPNkmjw&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 19 Aug 2021 16:23:41 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B528
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YR6FjTAM5HAh3rXDxQVYuAAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YR6FjTAM5HAh3rXDxQVYuAAA&google_tc=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELkZkJ0HFoBChx-4toA4Uao&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELkZkJ0HFoBChx-4toA4Uao&google_cver=1&C=1

43 B
1014 B

43ms
42ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELkZkJ0HFoBChx-4toA4Uao&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ3IHXAhj53tytATAB&v=APEucNXJHTQilce5DTzY1H17fSFAf0esUM2Z8-oZI31KGBeitHIqmmdIU20kWL0gpuUCjTdBPNmcyLRKMbvEODHsSQrkZnglhA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 16:23:41 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELkZkJ0HFoBChx-4toA4Uao&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 19 Aug 2021 16:23:41 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A39D 41 KB
15 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 15:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3095
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 15:32:06 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3A14 1 KB
749 B 8ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Aug 2021 11:56:19 GMT
expires: Fri, 20 Aug 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 16042
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A39D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae6aaf357da01ada5413f43a335a79bd2c8a5363a98f4576eb9000954c00bb6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame C96F 170 B
232 B 30ms
29ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ3IHXAhj53tytATAB&v=APEucNWmHzW-YQA6fortoq1wn_H9pTiSGSKJMcrkUmM93rXeVVWASVtiHuzdeabAbI7IIEbyPb99tquYSjgDkXAavOp8CLZEbQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C96F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPF5F7G1_rtjLjdemPNkmjw&google_cver=1

43 B
1014 B

81ms
44ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPF5F7G1_rtjLjdemPNkmjw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ3IHXAhj53tytATAB&v=APEucNWmHzW-YQA6fortoq1wn_H9pTiSGSKJMcrkUmM93rXeVVWASVtiHuzdeabAbI7IIEbyPb99tquYSjgDkXAavOp8CLZEbQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 16:23:41 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPF5F7G1_rtjLjdemPNkmjw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C96F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YR6FjTAM5HAh3rXDxQVYuAAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YR6FjTAM5HAh3rXDxQVYuAAA&google_tc=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHeaDn4BuruoywmFtdLtvo&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHeaDn4BuruoywmFtdLtvo&google_cver=1&C=1

43 B
1014 B

40ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHeaDn4BuruoywmFtdLtvo&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjuwgIQ3IHXAhj53tytATAB&v=APEucNWmHzW-YQA6fortoq1wn_H9pTiSGSKJMcrkUmM93rXeVVWASVtiHuzdeabAbI7IIEbyPb99tquYSjgDkXAavOp8CLZEbQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 16:23:41 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHeaDn4BuruoywmFtdLtvo&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 19 Aug 2021 16:23:41 GMT

GET
H2 200 cmTagSLIDER_INSTREAM.js Show response
vidstat.taboola.com/vpaid/units/30_0_5/infra/ 682 KB
117 KB 68ms
27ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 0e9c9358c36ea30656af161c43ed15bdf6bae04961543ee4a24dd60d81212989

Request headers

Origin: https://www.correiodopovo.com.br
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
via: 1.1 varnish
age: 112608
x-amz-meta-mtime: 1629277492
x-cache: HIT
x-amz-meta-ctime: 1629277493
x-amz-meta-mode: 33188
content-encoding: br
content-length: 118720
x-amz-id-2: eme5FcJbrLUuXhvCnqHv58m6erWUkjbLPbLrVEY3OqSV/r0sD5zyTJq4vTBQ+tV6ofIHH1iYJKk=
x-served-by: cache-hhn4051-HHN
accept-ranges: bytes
last-modified: Wed, 18 Aug 2021 09:04:54 GMT
server: AmazonS3-br
x-timer: S1629390221.438225,VS0,VE0
etag: "365884dc4180237128e84f368d1085a8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: ZG8BP08XH40N8ZRB
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 1406

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/30_0_5/assets/css/ 60 KB
8 KB 26ms
26ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/30_0_5/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.5.0/UnitSliderDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 6e07734fe1015f88d67a257108878aed46f82946feba5973a0d306aa927ad71a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
via: 1.1 varnish
age: 112610
x-amz-meta-mtime: 1629277534
x-cache: HIT
x-amz-meta-ctime: 1629277535
x-amz-meta-mode: 33188
content-encoding: br
content-length: 7972
x-amz-id-2: gnUS6zP1Tr4W4Bb8tzkniFL0Jfgm0v5Egd157VRB6DUXzXhSVYtRgURmWtDgaaL7oagK9sFhyCU=
x-served-by: cache-hhn4068-HHN
accept-ranges: bytes
last-modified: Wed, 18 Aug 2021 09:05:36 GMT
server: AmazonS3-br
x-timer: S1629390221.402107,VS0,VE0
etag: "ce1087477d9ed75a60ebb531908eb622"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: KE9XSSG30BSFDBCW
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 13860

GET
H3-29 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 4A13 9 KB
2 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 08:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
age: 201993
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
expires: Wed, 17 Aug 2022 08:17:08 GMT

GET
H3-29 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 4A13 149 KB
44 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCphn4Z4L2dGNoh7jz_99EOA&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 20:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
age: 588525
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
expires: Fri, 12 Aug 2022 20:54:56 GMT

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 9C1A 43 B
183 B 291ms
93ms Image
image/gif 2600:1f18:612b:4264:6067:ea36:4ec5:cf74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&cmcv=&pix=undefined&cb=1629390221183&uv=3005&tms=1629390221183&abt=206725b_vA!adh5c-1_vA!expl_vE!insc_vA!scec9_vB!spa2_vB!t45!ul96147-868_vB&ru=https://www.correiodopovo.com.br.admin-mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=39FB6CD897459923851592585027&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:6067:ea36:4ec5:cf74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 9C1A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fb4f6367-b71d-42f6-b2c9-83ca50fb69aa

0
181 B

28ms
14ms

Image
text/plain

2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fb4f6367-b71d-42f6-b2c9-83ca50fb69aa
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&cmcv=&pix=undefined&cb=1629390221183&uv=3005&tms=1629390221183&abt=206725b_vA!adh5c-1_vA!expl_vE!insc_vA!scec9_vB!spa2_vB!t45!ul96147-868_vB&ru=https://www.correiodopovo.com.br.admin-mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=39FB6CD897459923851592585027&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 19 Aug 2021 16:23:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629390222.633864,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19146-FRA

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fb4f6367-b71d-42f6-b2c9-83ca50fb69aa
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 9C1A
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=d114cba1-0109-11ec-8574-1e875f050506&orig=video&us_privacy=1---gdpr=0&

0
230 B

1127ms
32ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=d114cba1-0109-11ec-8574-1e875f050506&orig=video&us_privacy=1---gdpr=0&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&cmcv=&pix=undefined&cb=1629390221183&uv=3005&tms=1629390221183&abt=206725b_vA!adh5c-1_vA!expl_vE!insc_vA!scec9_vB!spa2_vB!t45!ul96147-868_vB&ru=https://www.correiodopovo.com.br.admin-mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=39FB6CD897459923851592585027&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 30208

Redirect headers

Date: Thu, 19 Aug 2021 16:23:41 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=d114cba1-0109-11ec-8574-1e875f050506&orig=video&us_privacy=1---gdpr=0&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 110
Connection: keep-alive
Content-Length: 0

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 9C1A
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=taboola
https://x.bidswitch.net/sync?dsp_id=188&user_id=vlkSj2qsQZxVaLEjfyHSGLmcr20&user_group=1&ssp=taboola&gdpr=0
https://x.bidswitch.net/ul_cb/sync?dsp_id=188&user_id=vlkSj2qsQZxVaLEjfyHSGLmcr20&user_group=1&ssp=taboola&gdpr=0
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a83d627a-b30b-4664-8a63-40656a8144d5

0
230 B

33ms
32ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a83d627a-b30b-4664-8a63-40656a8144d5
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&cmcv=&pix=undefined&cb=1629390221183&uv=3005&tms=1629390221183&abt=206725b_vA!adh5c-1_vA!expl_vE!insc_vA!scec9_vB!spa2_vB!t45!ul96147-868_vB&ru=https://www.correiodopovo.com.br.admin-mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=39FB6CD897459923851592585027&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 30061

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a83d627a-b30b-4664-8a63-40656a8144d5
date: Thu, 19 Aug 2021 16:23:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F4F2 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 19 Aug 2021 15:32:06 GMT
expires: Fri, 19 Aug 2022 15:32:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F931 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 19 Aug 2021 15:32:06 GMT
expires: Fri, 19 Aug 2022 15:32:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B338 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 19 Aug 2021 15:32:06 GMT
expires: Fri, 19 Aug 2022 15:32:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A39D 0
20 B 26ms
26ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BgO5UjIUeYbCvDoLx3wPbiYHgDwAAAAA4AeAEAg

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ Frame 4A13 125 KB
41 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d0d9d085dd67a5433f67110f9cec09f5a7fbb704aebc6f9b8f26247da253a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 17:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41988
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 17:11:05 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame E0E7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fb4f6367-b71d-42f6-b2c9-83ca50fb69aa

0
285 B

28ms
14ms

Image
text/plain

2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fb4f6367-b71d-42f6-b2c9-83ca50fb69aa
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Thu, 19 Aug 2021 16:23:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629390222.633730,VS0,VE8
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19146-FRA

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fb4f6367-b71d-42f6-b2c9-83ca50fb69aa
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame E0E7 43 B
182 B 221ms
94ms Image
image/gif 2600:1f18:612b:4264:6067:ea36:4ec5:cf74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:6067:ea36:4ec5:cf74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame E0E7
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=d114cba1-0109-11ec-8574-1e875f050506&orig=video&us_privacy=1---gdpr=0&

0
230 B

1127ms
32ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=d114cba1-0109-11ec-8574-1e875f050506&orig=video&us_privacy=1---gdpr=0&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 30208

Redirect headers

Date: Thu, 19 Aug 2021 16:23:41 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=d114cba1-0109-11ec-8574-1e875f050506&orig=video&us_privacy=1---gdpr=0&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 22
Connection: keep-alive
Content-Length: 0

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame E0E7
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=d63cc95a-53c6-470c-9953-dc672c5a3cea&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=352&user_id=97c4888f-0702-42d8-875a-4ffbb059b2df&expires=2&ssp=taboola&bsw_param=d63cc95a-53c6-470c-9953-dc672c5a3cea
https://x.bidswitch.net/ul_cb/sync?dsp_id=352&user_id=97c4888f-0702-42d8-875a-4ffbb059b2df&expires=2&ssp=taboola&bsw_param=d63cc95a-53c6-470c-9953-dc672c5a3cea
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a83d627a-b30b-4664-8a63-40656a8144d5

0
230 B

33ms
33ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a83d627a-b30b-4664-8a63-40656a8144d5
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 30061

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=a83d627a-b30b-4664-8a63-40656a8144d5
date: Thu, 19 Aug 2021 16:23:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 10CD
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHaqVADr7fVEyVRO8bGMKmE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHaqVADr7fVEyVRO8bGMKmE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aFJ5Wm50U0kxTWdLUHI1&google_gid=CAESEHaqVADr7fVEyVRO8bGMKmE&google_cver=1&google_push=AYg5qPIOxXAEL1I2tM0FaZValJnE75kVG6CFtPIUV1jqMZP...

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aFJ5Wm50U0kxTWdLUHI1&google_gid=CAESEHaqVADr7fVEyVRO8bGMKmE&google_cver=1&google_push=AYg5qPIOxXAEL1I2tM0FaZValJnE75kVG6CFtPIUV1jqMZPTx1GZskjbhKjlIRpzagNrWyU1WlTvH-0y9eOtLOfjiRmH5sTLehCE

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:40 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-07ed93884cf47b6e0@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aFJ5Wm50U0kxTWdLUHI1&google_gid=CAESEHaqVADr7fVEyVRO8bGMKmE&google_cver=1&google_push=AYg5qPIOxXAEL1I2tM0FaZValJnE75kVG6CFtPIUV1jqMZPTx1GZskjbhKjlIRpzagNrWyU1WlTvH-0y9eOtLOfjiRmH5sTLehCE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 10CD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKt7KCvEdzxE56WWi4UEC_k&google_push=AYg5qPJ1AHf9Gy7F2LgqukxBqyzXfkrSLoei1djOYJSNT8vKi7c50XOdV_...

170 B
188 B

29ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKt7KCvEdzxE56WWi4UEC_k&google_push=AYg5qPJ1AHf9Gy7F2LgqukxBqyzXfkrSLoei1djOYJSNT8vKi7c50XOdV_3r-j_YT7HoujrWQvpaQbntVa_BIGAR2cWU7j5VAVQ0

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1629390222.530542,VS0,VE93
x-served-by: cache-fra19139-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKt7KCvEdzxE56WWi4UEC_k&google_push=AYg5qPJ1AHf9Gy7F2LgqukxBqyzXfkrSLoei1djOYJSNT8vKi7c50XOdV_3r-j_YT7HoujrWQvpaQbntVa_BIGAR2cWU7j5VAVQ0
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET google
pix.impdesk.com/csync/ Frame 10CD 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 10CD
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEPY6--mcbM0J5m_cuprdbrk&google_cver=1&google_push=AYg5qPIKEszXKalXN3FxY_7dW_cWSSMokw4Cu-Su7oRmQfzEhomLyR5Jm5-83k3dg8fTJg_ytcHTawPYL_QuhT5...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0B7jUHU3TZl5si0-b56hW7mcr20&google_push=AYg5qPIKEszXKalXN3FxY_7dW_cWSSMokw4Cu-Su7oRmQfzEhomLyR5Jm5-83k3dg8fTJg_ytcHTawPYL_QuhT...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0B7jUHU3TZl5si0-b56hW7mcr20&google_push=AYg5qPIKEszXKalXN3FxY_7dW_cWSSMokw4Cu-Su7oRmQfzEhomLyR5Jm5-83k3dg8fTJg_ytcHTawPYL_QuhT...

170 B
188 B

29ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0B7jUHU3TZl5si0-b56hW7mcr20&google_push=AYg5qPIKEszXKalXN3FxY_7dW_cWSSMokw4Cu-Su7oRmQfzEhomLyR5Jm5-83k3dg8fTJg_ytcHTawPYL_QuhT5WXf62z5LTOeo9&google_tc=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=0B7jUHU3TZl5si0-b56hW7mcr20&google_push=AYg5qPIKEszXKalXN3FxY_7dW_cWSSMokw4Cu-Su7oRmQfzEhomLyR5Jm5-83k3dg8fTJg_ytcHTawPYL_QuhT5WXf62z5LTOeo9&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 431
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 10CD
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEAzdi1EmZtyh9lvuxfRoGfQ&google_cver=1&google_push=AYg5qPK0_iy6gbq-GtmQOIqH0scruULsLclq-ovn_1tRdtQZAaQADvjG8EU61YCYVTvD_6q_rWvLAazKT39p3m2aaihLUecTZX_4
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjcyMzkxODIxNTM0ODUyMTAwMFYxMA%3d%3d&mn_hm=MjcyMzkxODIxNTM0ODUyMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPK0_iy6gbq-GtmQOIqH0scruUL...

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjcyMzkxODIxNTM0ODUyMTAwMFYxMA%3d%3d&mn_hm=MjcyMzkxODIxNTM0ODUyMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPK0_iy6gbq-GtmQOIqH0scruULsLclq-ovn_1tRdtQZAaQADvjG8EU61YCYVTvD_6q_rWvLAazKT39p3m2aaihLUecTZX_4&gdpr=&gdpr_consent=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:41 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjcyMzkxODIxNTM0ODUyMTAwMFYxMA%3d%3d&mn_hm=MjcyMzkxODIxNTM0ODUyMTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPK0_iy6gbq-GtmQOIqH0scruULsLclq-ovn_1tRdtQZAaQADvjG8EU61YCYVTvD_6q_rWvLAazKT39p3m2aaihLUecTZX_4&gdpr=&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html
Content-Length: 154
X-MNET-HL2: E
Expires: Thu, 19 Aug 2021 16:23:41 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 10CD
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBAvbb5536A64M_PrO4lnQ8&google_cver=1&google_push=AYg5qPLAv9kTbthHYUNIo_NAihI5qDjI5IwjVuat5ToHWv14XX50udpPv_7VPd3ReDuQ5PkWYBu7kh...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPLAv9kTbthHYUNIo_NAihI5qDjI5IwjVuat5ToHWv14XX50udpPv_7VPd3ReDuQ5PkWYBu7khE7CGrgqReAwJZIoneiz-Ii&google_hm=MTg0NTQ1NT...

170 B
188 B

61ms
60ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPLAv9kTbthHYUNIo_NAihI5qDjI5IwjVuat5ToHWv14XX50udpPv_7VPd3ReDuQ5PkWYBu7khE7CGrgqReAwJZIoneiz-Ii&google_hm=MTg0NTQ1NTQwNjE2MjAwNzg0NA%3D%3D

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPLAv9kTbthHYUNIo_NAihI5qDjI5IwjVuat5ToHWv14XX50udpPv_7VPd3ReDuQ5PkWYBu7khE7CGrgqReAwJZIoneiz-Ii&google_hm=MTg0NTQ1NTQwNjE2MjAwNzg0NA%3D%3D
date: Thu, 19 Aug 2021 16:23:41 GMT
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 10CD
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEA2DGNXCMOGF4_Be3qLTYzk&google_cver=1&google_push=AYg5qPL5u0F6zvtQXOzEnGXorAPya4DW-yY8fpIJ1vpjzi5oVrpUNeoN7CrSbUjMdbEC1AQbLd-LLy4TfpGd88sh5...
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D66934c27-cf3a-4db9-90e0-d8029b0a3416%26google_push%3DAYg5qPL5u0F6zvtQXOzEnGXorAPya4D...
https://tech.rtb.mts.ru/?dsp_uid=66934c27-cf3a-4db9-90e0-d8029b0a3416&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D66934c27-cf3a-4db9-90e0-d8029b0a3416%26g...
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=66934c27-cf3a-4db9-90e0-d8029b0a3416&google_push=AYg5qPL5u0F6zvtQXOzEnGXorAPya4DW-yY8fpIJ1vpjzi5oVrpUNeoN7CrSbUjMdbEC1AQbLd-LLy4TfpGd88sh...

170 B
188 B

27ms
26ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=66934c27-cf3a-4db9-90e0-d8029b0a3416&google_push=AYg5qPL5u0F6zvtQXOzEnGXorAPya4DW-yY8fpIJ1vpjzi5oVrpUNeoN7CrSbUjMdbEC1AQbLd-LLy4TfpGd88sh5pnrIWBpPyBoqQ

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 19 Aug 2021 16:23:42 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=66934c27-cf3a-4db9-90e0-d8029b0a3416&google_push=AYg5qPL5u0F6zvtQXOzEnGXorAPya4DW-yY8fpIJ1vpjzi5oVrpUNeoN7CrSbUjMdbEC1AQbLd-LLy4TfpGd88sh5pnrIWBpPyBoqQ
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 10CD 0
40 B 31ms
30ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYoI1XhYHdDdX7DkSMujUlylTDJexkeeZElwoYKjnAX2qj1U27UN1UUmDry3elN_m6fWBREg

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame B508 35 B
464 B 47ms
14ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELH29VRzlKy2F_CIIYrxjDE&google_cver=1&google_push=AYg5qPK4cFoq0CWXeAOko_J9czaEZT7SHcV5TLCmmswrKffXKIWS_VPTPNTn8KBFTn6wB0yDm40jYHed-VfUVCLnwHzVnpUVLpAr

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B508 70 B
264 B 60ms
40ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECaYddCOxfrAlvCMgh5pOLY&google_cver=1&google_push=AYg5qPKRPQMbWeLtpgOcq5ZgNa6TysA67mHlZ1RJe_55iqS1g5qaWUfU9ELgE5bwVBjs3qh6WaoRm6knWwKKX7_6QnRgfjo-pQKw
Requested by: Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B508
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEAs_jXBxyOdz2hkZiq8eMk4&google_cver=1&google_push=AYg5qPKIodJvtIw2TUc5KsLuBzi0aFflesZ0TQnbWLIXjHEdtbkUFW59GqBo8YZEdoVKVcyz-j43yQ3...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEAs_jXBxyOdz2hkZiq8eMk4&google_cver=1&google_push=AYg5qPKIodJvtIw2TUc5KsLuBzi0aFflesZ0TQnbWLIXjHEdtbkUFW59GqBo8YZEdoVKV...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=bmrDO8SmQz2iL2Us5dKeUmEehY0

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=bmrDO8SmQz2iL2Us5dKeUmEehY0

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=bmrDO8SmQz2iL2Us5dKeUmEehY0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B508
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKK98EIpKJ4JfwRx9cVwInM&google_cver=1&google_push=AYg5qPKaKZe7RTa73Rw3G3-d01bZKFKeEQIEMPrEKew1qV5XCyUPKXOy4YFRttMxQ5QDGKi2gRHmHkxx7ok2VieJ...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A7YFfGmBRlaGpoKA8Hrc0g2&google_push=AYg5qPKaKZe7RTa73Rw3G3-d01bZKFKeEQIEMPrEKew1qV5XCyUPKXOy4YFRttMxQ5QDGKi2gRHmHkxx7ok2VieJdqLvucsgkqg6
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A7YFfGmBRlaGpoKA8Hrc0g2&google_push=AYg5qPKaKZe7RTa73Rw3G3-d01bZKFKeEQIEMPrEKew1qV5XCyUPKXOy4YFRttMxQ5QDGKi2gRHmHkxx7ok2VieJdqLvucsgkqg6&g...

170 B
188 B

30ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A7YFfGmBRlaGpoKA8Hrc0g2&google_push=AYg5qPKaKZe7RTa73Rw3G3-d01bZKFKeEQIEMPrEKew1qV5XCyUPKXOy4YFRttMxQ5QDGKi2gRHmHkxx7ok2VieJdqLvucsgkqg6&google_tc=

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A7YFfGmBRlaGpoKA8Hrc0g2&google_push=AYg5qPKaKZe7RTa73Rw3G3-d01bZKFKeEQIEMPrEKew1qV5XCyUPKXOy4YFRttMxQ5QDGKi2gRHmHkxx7ok2VieJdqLvucsgkqg6&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 415
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B508
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESELjcdqcI_tsdOyN0qerXH2A&google_cver=1&google_push=AYg5qPL4XXdcGbceveqwWgBD_NfpeaJ1uq1H-IoQueI26gsBQMPBW8mWhlaAMHAcYCooe371z0T2qo6AgKtGJakUkp6JH5L...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESELjcdqcI_tsdOyN0qerXH2A&google_cver=1&google_push=AYg5qPL4XXdcGbceveqwWgBD_NfpeaJ1uq1H-IoQueI26gsBQMPBW8mWhlaAMHAcYCooe371z0T2qo6AgKtGJakUkp6JH...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL4XXdcGbceveqwWgBD_NfpeaJ1uq1H-IoQueI26gsBQMPBW8mWhlaAMHAcYCooe371z0T2qo6AgKtGJakUkp6JH5L1bknt

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL4XXdcGbceveqwWgBD_NfpeaJ1uq1H-IoQueI26gsBQMPBW8mWhlaAMHAcYCooe371z0T2qo6AgKtGJakUkp6JH5L1bknt

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPL4XXdcGbceveqwWgBD_NfpeaJ1uq1H-IoQueI26gsBQMPBW8mWhlaAMHAcYCooe371z0T2qo6AgKtGJakUkp6JH5L1bknt
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B508
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEPY6--mcbM0J5m_cuprdbrk&google_cver=1&google_push=AYg5qPJtplN5bdLgsVemcwuJMKW1JJnXNNsS49NuKNibeWmbGGzybEKcFDZZFXmTZ28wbbqGa81ntz_yxbHYajl...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8k1Fj-7iQB5xbF2vX299_rmcr20&google_push=AYg5qPJtplN5bdLgsVemcwuJMKW1JJnXNNsS49NuKNibeWmbGGzybEKcFDZZFXmTZ28wbbqGa81ntz_yxbHYaj...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8k1Fj-7iQB5xbF2vX299_rmcr20&google_push=AYg5qPJtplN5bdLgsVemcwuJMKW1JJnXNNsS49NuKNibeWmbGGzybEKcFDZZFXmTZ28wbbqGa81ntz_yxbHYaj...

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8k1Fj-7iQB5xbF2vX299_rmcr20&google_push=AYg5qPJtplN5bdLgsVemcwuJMKW1JJnXNNsS49NuKNibeWmbGGzybEKcFDZZFXmTZ28wbbqGa81ntz_yxbHYajlWvCQ4b1as-d5y&google_tc=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=8k1Fj-7iQB5xbF2vX299_rmcr20&google_push=AYg5qPJtplN5bdLgsVemcwuJMKW1JJnXNNsS49NuKNibeWmbGGzybEKcFDZZFXmTZ28wbbqGa81ntz_yxbHYajlWvCQ4b1as-d5y&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 431
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B508
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHvA0uHsH7Au2Saw-NxdPTE&google_cver=1&google_push=AYg5qPIcipwRtCwYxJ1xz5A10MI-YtLh0o2Fa03LEOJlF3yxQ7FqrrPaC92K2Bq7NJTQLOiNBR...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHvA0uHsH7Au2Saw-NxdPTE&google_cver=1&google_push=AYg5qPIcipwRtCwYxJ1xz5A10MI-YtLh0o2Fa03LEOJlF3yxQ7FqrrPaC92K2Bq7NJTQLOiNBR...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RcS5raDVWRTJ1SFdwbGtMV0QuaFBfRDhScVlpWnZPaH5B&google_push=AYg5qPIcipwRtCwYxJ1xz5A10MI-YtLh0o2Fa03LEOJlF3yxQ7FqrrPaC...

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RcS5raDVWRTJ1SFdwbGtMV0QuaFBfRDhScVlpWnZPaH5B&google_push=AYg5qPIcipwRtCwYxJ1xz5A10MI-YtLh0o2Fa03LEOJlF3yxQ7FqrrPaC92K2Bq7NJTQLOiNBRqa0jDbXQcf4oMkP60P_68rvWWneA

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 19 Aug 2021 16:23:41 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RcS5raDVWRTJ1SFdwbGtMV0QuaFBfRDhScVlpWnZPaH5B&google_push=AYg5qPIcipwRtCwYxJ1xz5A10MI-YtLh0o2Fa03LEOJlF3yxQ7FqrrPaC92K2Bq7NJTQLOiNBRqa0jDbXQcf4oMkP60P_68rvWWneA
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B508 0
40 B 50ms
28ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ii9A9LjkI8t_oK6RgQYE7aCYpeMEpaklf8zeiLXsJJ8YMsP7AZluBayAT59imgCNz_PagvKQ

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 3A14
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAgW__rU3UAowbxVd5frq0A&google_cver=1&google_push=AYg5qPIHiYU6I-Lz99IVprUl1jKoANfNEZ9OW2R4ra5uR-ZuYl5GB_qNJ97BAIJuxMzCKecgNKaOOHnw5GTepDgzN5IPGSqEOEY&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAgW__rU3UAowbxVd5frq0A&google_cver=1&google_push=AYg5qPIHiYU6I-Lz99IVprUl1jKoANfNEZ9OW2R4ra5uR-ZuYl5GB_qNJ97BAIJuxMzCKecgNKaOOHnw5GTepDgzN5IPGSqEOEY...

43 B
409 B

175ms
166ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAgW__rU3UAowbxVd5frq0A&google_cver=1&google_push=AYg5qPIHiYU6I-Lz99IVprUl1jKoANfNEZ9OW2R4ra5uR-ZuYl5GB_qNJ97BAIJuxMzCKecgNKaOOHnw5GTepDgzN5IPGSqEOEY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIHiYU6I-Lz99IVprUl1jKoANfNEZ9OW2R4ra5uR-ZuYl5GB_qNJ97BAIJuxMzCKecgNKaOOHnw5GTepDgzN5IPGSqEOEY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6814ba561cfe0746-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 285
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6814ba54c9b10746-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAgW__rU3UAowbxVd5frq0A&google_cver=1&google_push=AYg5qPIHiYU6I-Lz99IVprUl1jKoANfNEZ9OW2R4ra5uR-ZuYl5GB_qNJ97BAIJuxMzCKecgNKaOOHnw5GTepDgzN5IPGSqEOEY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIHiYU6I-Lz99IVprUl1jKoANfNEZ9OW2R4ra5uR-ZuYl5GB_qNJ97BAIJuxMzCKecgNKaOOHnw5GTepDgzN5IPGSqEOEY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3A14
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKt7KCvEdzxE56WWi4UEC_k&google_push=AYg5qPJlx4ixSJKuagOz2zxMrdTmCI_UevbH1x_qhQwa7v6RwdEwZzCG30...

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKt7KCvEdzxE56WWi4UEC_k&google_push=AYg5qPJlx4ixSJKuagOz2zxMrdTmCI_UevbH1x_qhQwa7v6RwdEwZzCG30zv3UcpeSRx8geDQzroXvSNMm3XAn1jJSr7p6qsca-P

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1629390222.558653,VS0,VE94
x-served-by: cache-fra19139-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKt7KCvEdzxE56WWi4UEC_k&google_push=AYg5qPJlx4ixSJKuagOz2zxMrdTmCI_UevbH1x_qhQwa7v6RwdEwZzCG30zv3UcpeSRx8geDQzroXvSNMm3XAn1jJSr7p6qsca-P
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3A14
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEPzQGiA2c0_qA_DwwZ7t1GU&google_cver=1&google_push=AYg5qPLUrNsn_qYSg8MkjM95iYMgvSqa5USPx7k1lKWJLQznVKWd24oOxKvH6...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEPzQGiA2c0_qA_DwwZ7t1GU&google_cver=1&google_push=AYg5qPLUrNsn_qYSg8MkjM95iYMgvSqa5USPx7k1lKWJLQznVKWd24oOxKvH6...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=droPOLmxWl4qjXJkqjJlUQ&google_push=AYg5qPLUrNsn_qYSg8MkjM95iYMgvSqa5USPx7k1lKWJLQznVKWd24oOxKvH6hPluqCc9pZXxQbcr_r7F...

170 B
188 B

29ms
29ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=droPOLmxWl4qjXJkqjJlUQ&google_push=AYg5qPLUrNsn_qYSg8MkjM95iYMgvSqa5USPx7k1lKWJLQznVKWd24oOxKvH6hPluqCc9pZXxQbcr_r7FOTBk_dJ3TqbQHw8AMTj

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 19 Aug 2021 16:23:41 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=droPOLmxWl4qjXJkqjJlUQ&google_push=AYg5qPLUrNsn_qYSg8MkjM95iYMgvSqa5USPx7k1lKWJLQznVKWd24oOxKvH6hPluqCc9pZXxQbcr_r7FOTBk_dJ3TqbQHw8AMTj
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 238

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 3A14 42 B
233 B 318ms
107ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESELw_9huAdQ2CO4hHok8mXoo&google_cver=1&google_push=AYg5qPIra2-67rdip2eMYcrY5TgEE-GkWu7717Tw0BuEfqWKLxhddRLwwOFxM7dvOaLN1Tz8AEdSPowmOQ6JslI83Jv-ne_ZXGli
Requested by: Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:41 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3A14
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO1jItkJ3bCrs_Z43vwy6C0&google_cver=1&google_push=AYg5qPKp4x1Z9bUcQlbGWjoLi_k6aWvTgKsDnM0GOktOk4eERqs_ZFw1C5S6dmILi_-DFtQoTPqBC-Pj4Rkuetz79kjy_9qrJ1hp
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPKp4x1Z9bUcQlbGWjoLi_k6aWvTgKsDnM0GOktOk4eERqs_ZFw1C5S6dmILi_-DFtQoTPqBC-Pj4Rkuetz79kjy_9qrJ1hp&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE2MzY4MzMzNTUyNzM2MTY2NQ%3D%3D&google_push=AYg5qPKp4x1Z9bUcQlbGWjoLi_k6aWvTgKsDnM0GOktOk4eERqs_ZFw1C5S6...

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE2MzY4MzMzNTUyNzM2MTY2NQ%3D%3D&google_push=AYg5qPKp4x1Z9bUcQlbGWjoLi_k6aWvTgKsDnM0GOktOk4eERqs_ZFw1C5S6dmILi_-DFtQoTPqBC-Pj4Rkuetz79kjy_9qrJ1hp

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE2MzY4MzMzNTUyNzM2MTY2NQ%3D%3D&google_push=AYg5qPKp4x1Z9bUcQlbGWjoLi_k6aWvTgKsDnM0GOktOk4eERqs_ZFw1C5S6dmILi_-DFtQoTPqBC-Pj4Rkuetz79kjy_9qrJ1hp
date: Thu, 19 Aug 2021 16:23:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3A14
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBAvbb5536A64M_PrO4lnQ8&google_cver=1&google_push=AYg5qPJbJCbTvOsrHDE5S5tk-YhFegQ6A5eAEw9a7cguR_nbAaylCEKWH9PoVkzXPPp0BvuwN9EnJq...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJbJCbTvOsrHDE5S5tk-YhFegQ6A5eAEw9a7cguR_nbAaylCEKWH9PoVkzXPPp0BvuwN9EnJqCKD8NPCNpGebjxz-8EapX4&google_hm=ODEwMTU0MT...

170 B
188 B

29ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJbJCbTvOsrHDE5S5tk-YhFegQ6A5eAEw9a7cguR_nbAaylCEKWH9PoVkzXPPp0BvuwN9EnJqCKD8NPCNpGebjxz-8EapX4&google_hm=ODEwMTU0MTIyOTQ5Mjk4MzYyNw%3D%3D

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJbJCbTvOsrHDE5S5tk-YhFegQ6A5eAEw9a7cguR_nbAaylCEKWH9PoVkzXPPp0BvuwN9EnJqCKD8NPCNpGebjxz-8EapX4&google_hm=ODEwMTU0MTIyOTQ5Mjk4MzYyNw%3D%3D
date: Thu, 19 Aug 2021 16:23:41 GMT
content-length: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 3A14 0
44 B 973ms
238ms Image
text/plain 54.250.62.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEOamfBv7vd1NhY-rBe1iDjU&google_cver=1&google_push=AYg5qPIpmVwsufYp65vpEztQkflozWOjh_dhszFz1QTNJVhotuRnk3tKg8KGNBwHk6qD9iZvGRr7Nk7ayBV185iN5iDrsyU396s
Requested by: Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.250.62.115 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-62-115.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
server: awselb/2.0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3A14 0
40 B 32ms
30ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IEoxJNC3ZxefhpppASy4mwslyWOz_gc31cvxi6XynnI2Ykpqt7-lnJoELQcoysYPFvhFxL

Requested by

Host: aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com
URL: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/3.2.2/ 59 KB
18 KB 3117ms
39ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:44 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront), 1.1 varnish
age: 2464364
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 17509
x-served-by: cache-hhn4039-HHN
last-modified: Thu, 21 Jan 2021 11:30:56 GMT
server: AmazonS3
x-timer: S1629390225.696878,VS0,VE0
etag: "f237b8d35060f133ac8c595fd1234e1c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: XiPzI3T7-j00LduMNKNm2rmlUDrCpSGT1aq1AjMdveabScX3DbI-Pg==
x-cache-hits: 257067

POST
H2 204 bulk Show response
trc.taboola.com/correiodopovo/log/3/ 0
370 B 75ms
75ms XHR
image/gif 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/correiodopovo/log/3/bulk?tvi2=84&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 59
pragma: no-cache
date: Thu, 19 Aug 2021 16:23:41 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629390222.635691,VS0,VE59
x-served-by: cache-fra19146-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EE3D 0
545 B 114ms
43ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:23:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/15461216385557670375/ Frame F451 51 KB
7 KB 31ms
7ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cb8dea5ee948e5cc222ca67a778dc57c0516c4e4809673d9b3f3122b9ec4a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/15461216385557670375/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 16 Aug 2021 06:51:25 GMT
expires: Tue, 16 Aug 2022 06:51:25 GMT
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 6237
age: 293536
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js Show response
pagead2.googlesyndication.com/bg/ Frame F4F2 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13273
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:48:58 GMT

GET
H3-29 200 LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js Show response
pagead2.googlesyndication.com/bg/ Frame F931 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13273
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:48:58 GMT

GET
H3-29 200 LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js Show response
pagead2.googlesyndication.com/bg/ Frame B338 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13273
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:48:58 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
631 B 3120ms
36ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 2755
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30=
x-served-by: cache-fra19124-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1629390225.945618,VS0,VE0
date: Thu, 19 Aug 2021 16:23:44 GMT
x-amz-request-id: 6P8Y14FA9N2SAAH6
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 85
x-cache-hits: 1557

GET
H2 200 98da7d7d390d768a5b317b0dc6e0693c.js Show response
s0.2mdn.net/sadbundle/15461216385557670375/ Frame F451 73 KB
19 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6468c5fc73af878e3e3ad88c738557dddd449caaeeb10920201038ba8c8f0eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:51:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293536
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19071
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 06:51:25 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A39D 0
60 B 42ms
42ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:23:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/15461216385557670375/ Frame EC76 51 KB
6 KB 7ms
6ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cb8dea5ee948e5cc222ca67a778dc57c0516c4e4809673d9b3f3122b9ec4a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/15461216385557670375/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 16 Aug 2021 06:51:25 GMT
expires: Tue, 16 Aug 2022 06:51:25 GMT
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 6237
age: 293536
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 user_uploaded_caecilia_lt_std_400_normal.ttf
s0.2mdn.net/sadbundle/15461216385557670375/fonts/ Frame F451 44 KB
44 KB 7ms
7ms Font
application/octet-stream 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/fonts/user_uploaded_caecilia_lt_std_400_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec2da22de5b46d5787547d46bab1d677660df068ee085f08978ff596bf385cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:37:42 GMT
x-content-type-options: nosniff
age: 175559
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45364
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:37:42 GMT

GET
H3-29 200 user_uploaded_caecilia_lt_std_700_normal.ttf
s0.2mdn.net/sadbundle/15461216385557670375/fonts/ Frame F451 45 KB
45 KB 9ms
8ms Font
application/octet-stream 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/fonts/user_uploaded_caecilia_lt_std_700_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dea3a0fb943c79acc7c162656034aece1951cff8ffca52d91d1d7f39952c981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:37:42 GMT
x-content-type-options: nosniff
age: 175559
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46372
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:37:42 GMT

GET
H3-29 200 c8ba375791d6dba9526c4f88e62bd7f1.jpg
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame F451 22 KB
22 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/c8ba375791d6dba9526c4f88e62bd7f1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5622fc6e023781b78f0c8324079a9ccf6231295f79e3d1e2f600b9401afc4cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:02:19 GMT
x-content-type-options: nosniff
age: 192082
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22143
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 11:02:19 GMT

GET
H3-29 200 cac2be686d473db94b8f6e8278abf60d.png
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame F451 2 KB
2 KB 10ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/cac2be686d473db94b8f6e8278abf60d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1326c6f584f3f03571a819a59f81424312021b67454570054aceff289b8fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:37:42 GMT
x-content-type-options: nosniff
age: 175559
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2109
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:37:42 GMT

GET
H3-29 200 0522c0cbefec03929e6abd80f84d75fc.png
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame F451 5 KB
5 KB 11ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/0522c0cbefec03929e6abd80f84d75fc.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978ad3bd65f9236cb09807ee97c3ed9ef06fc8041fa7e09a0dc07debe0575cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:02:19 GMT
x-content-type-options: nosniff
age: 192082
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5385
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 11:02:19 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 46FF 0
60 B 43ms
43ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:23:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/15461216385557670375/ Frame 9310 51 KB
6 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cb8dea5ee948e5cc222ca67a778dc57c0516c4e4809673d9b3f3122b9ec4a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/15461216385557670375/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 16 Aug 2021 06:51:25 GMT
expires: Tue, 16 Aug 2022 06:51:25 GMT
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 6237
age: 293536
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 63f89184b188c1fee17d2561c46ad514.jpg
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame F451 80 KB
80 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/63f89184b188c1fee17d2561c46ad514.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70d260f04be099503762fbfc6ecb863b1d169440feab2d9bc56fb605c76c06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:36:15 GMT
x-content-type-options: nosniff
age: 182847
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81425
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:36:15 GMT

GET
H3-29 200 98da7d7d390d768a5b317b0dc6e0693c.js Show response
s0.2mdn.net/sadbundle/15461216385557670375/ Frame EC76 73 KB
19 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6468c5fc73af878e3e3ad88c738557dddd449caaeeb10920201038ba8c8f0eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:51:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293537
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19071
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 06:51:25 GMT

GET
H3-29 200 98da7d7d390d768a5b317b0dc6e0693c.js Show response
s0.2mdn.net/sadbundle/15461216385557670375/ Frame 9310 73 KB
19 KB 6ms
6ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6468c5fc73af878e3e3ad88c738557dddd449caaeeb10920201038ba8c8f0eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 06:51:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293537
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19071
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 06:51:25 GMT

GET
H3-29 200 c8ba375791d6dba9526c4f88e62bd7f1.jpg
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame EC76 22 KB
22 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/c8ba375791d6dba9526c4f88e62bd7f1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5622fc6e023781b78f0c8324079a9ccf6231295f79e3d1e2f600b9401afc4cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:02:19 GMT
x-content-type-options: nosniff
age: 192083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22143
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 11:02:19 GMT

GET
H3-29 200 cac2be686d473db94b8f6e8278abf60d.png
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame EC76 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/cac2be686d473db94b8f6e8278abf60d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1326c6f584f3f03571a819a59f81424312021b67454570054aceff289b8fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:37:42 GMT
x-content-type-options: nosniff
age: 175560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2109
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:37:42 GMT

GET
H3-29 200 user_uploaded_caecilia_lt_std_400_normal.ttf
s0.2mdn.net/sadbundle/15461216385557670375/fonts/ Frame EC76 44 KB
44 KB 8ms
6ms Font
application/octet-stream 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/fonts/user_uploaded_caecilia_lt_std_400_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec2da22de5b46d5787547d46bab1d677660df068ee085f08978ff596bf385cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:37:42 GMT
x-content-type-options: nosniff
age: 175560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45364
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:37:42 GMT

GET
H3-29 200 0522c0cbefec03929e6abd80f84d75fc.png
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame EC76 5 KB
5 KB 10ms
8ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/0522c0cbefec03929e6abd80f84d75fc.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978ad3bd65f9236cb09807ee97c3ed9ef06fc8041fa7e09a0dc07debe0575cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:02:19 GMT
x-content-type-options: nosniff
age: 192083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5385
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 11:02:19 GMT

GET
H3-29 200 user_uploaded_caecilia_lt_std_700_normal.ttf
s0.2mdn.net/sadbundle/15461216385557670375/fonts/ Frame EC76 45 KB
45 KB 7ms
6ms Font
application/octet-stream 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/fonts/user_uploaded_caecilia_lt_std_700_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dea3a0fb943c79acc7c162656034aece1951cff8ffca52d91d1d7f39952c981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:37:42 GMT
x-content-type-options: nosniff
age: 175560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46372
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:37:42 GMT

GET
H3-29 200 c8ba375791d6dba9526c4f88e62bd7f1.jpg
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame 9310 22 KB
22 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/c8ba375791d6dba9526c4f88e62bd7f1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5622fc6e023781b78f0c8324079a9ccf6231295f79e3d1e2f600b9401afc4cf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:02:19 GMT
x-content-type-options: nosniff
age: 192083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22143
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 11:02:19 GMT

GET
H3-29 200 cac2be686d473db94b8f6e8278abf60d.png
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame 9310 2 KB
2 KB 12ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/cac2be686d473db94b8f6e8278abf60d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1326c6f584f3f03571a819a59f81424312021b67454570054aceff289b8fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:37:42 GMT
x-content-type-options: nosniff
age: 175560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2109
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:37:42 GMT

GET
H3-29 200 user_uploaded_caecilia_lt_std_400_normal.ttf
s0.2mdn.net/sadbundle/15461216385557670375/fonts/ Frame 9310 44 KB
44 KB 9ms
8ms Font
application/octet-stream 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/fonts/user_uploaded_caecilia_lt_std_400_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec2da22de5b46d5787547d46bab1d677660df068ee085f08978ff596bf385cd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:37:42 GMT
x-content-type-options: nosniff
age: 175560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45364
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:37:42 GMT

GET
H3-29 200 0522c0cbefec03929e6abd80f84d75fc.png
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame 9310 5 KB
5 KB 11ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/0522c0cbefec03929e6abd80f84d75fc.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978ad3bd65f9236cb09807ee97c3ed9ef06fc8041fa7e09a0dc07debe0575cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:02:19 GMT
x-content-type-options: nosniff
age: 192083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5385
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 11:02:19 GMT

GET
H3-29 200 user_uploaded_caecilia_lt_std_700_normal.ttf
s0.2mdn.net/sadbundle/15461216385557670375/fonts/ Frame 9310 45 KB
45 KB 9ms
9ms Font
application/octet-stream 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/fonts/user_uploaded_caecilia_lt_std_700_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dea3a0fb943c79acc7c162656034aece1951cff8ffca52d91d1d7f39952c981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:37:42 GMT
x-content-type-options: nosniff
age: 175560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46372
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:37:42 GMT

GET
H3-29 200 63f89184b188c1fee17d2561c46ad514.jpg
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame EC76 80 KB
80 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/63f89184b188c1fee17d2561c46ad514.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70d260f04be099503762fbfc6ecb863b1d169440feab2d9bc56fb605c76c06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:36:15 GMT
x-content-type-options: nosniff
age: 182847
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81425
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:36:15 GMT

GET
H3-29 200 63f89184b188c1fee17d2561c46ad514.jpg
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame 9310 80 KB
80 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/63f89184b188c1fee17d2561c46ad514.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70d260f04be099503762fbfc6ecb863b1d169440feab2d9bc56fb605c76c06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:36:15 GMT
x-content-type-options: nosniff
age: 182847
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81425
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:36:15 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F931 0
463 B 49ms
29ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOoFVjIUeYbKvDoLx3wPbiYHgDwAAAAA4AeAEAg&bg=!R0SlRADNAAZvV8FTb1c7ACkAdvg8WtOUmNtG7Wju8K9b_WAS7x513CLxB7imwr0nxiPzzl4EwQmJcwIAAAHaUgAAADpoAQeZAsrnqSsCrVA1dWpVR0xnOTdJADpE6KqyUJmqoucwB9Tt0zNmoKwYo0s3U3OhP9WGUYGcCC55LFbR2pfc9bB8qJnK4hdjOZQjctyuvdzUfvHA7xuKzc6EOfIUIJvDw_lB6Gh4G7-UnhmZB_QjY4-5-lv5DMT_zYDnOPd4rU6GxB-acSHcVT0gMGJxa9m-MYG0rzrM1Vxa48WLZt3ppaq0NfqWqyvF4GQNfPqDs1M-n65H29JEgioB7PR7_G2X9vrN8yElYkXY7vD-s6X_XjKO9At5Lo6mPOKc5x0BfvjbYufPqj1FSVpvTiYYkQKHvCalBjepkEOrll4Sxgik9K3Zj7gcQmCMSQCz0xbKPNpahOK6yejPEbyxUA3OEcufImdKHMdGDtYQCRQcO8ZZ-zdSgVLJzMznq521hympOrShlsW8KrwCHMT4c3BxH4ud2A6UbpEUpLKOU5n2erX40FRl4hhuXIed8xAeyG7GYPUsAMowNt12JEvc-l-5YGWJjD12sYwHKRxSBLJd29uiTSqXzaF3wd2pZkObWFAjZU0cqgIEBWJJJa07efmSTaJQPmHi3yVFdrbeG-JxpccOzeuA7ejapesx92e04uBA0QLhcSzwufWizSDeldrnR6fMeH3PeGlPSOc4xVx8mP4BEpZFdcTmUgyl0ABCIGocuf1oappaWm7hzPGtm6U2aH1aHzjB88pZYYE9FiJE8Kl7wSfKw91WnOR0uXYTCdxRkyhuTBjUXiwrhTYyOHbj0VOjGSgCOu-RR42sRUAYfqsexIUu0iOTGiifOSDjC11S1BAREDQEju2hcSXdMhZVDTHbtqH8ln6SvHU9p3NBh8rqHD-fJeZNBKfMlyJhEo0mWabuwtcLUH4cSDmxGrlUPtSfJOpPj24qLZC6-3XB8TZQRK-R0IiMdaBftRpWFwQrSPfuBA4s4efzZBtrWsSugmo

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F4F2 0
56 B 43ms
29ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BW6qmjIUeYbGvDoLx3wPbiYHgDwAAAAA4AeAEAg&bg=!NDelN3PNAAZvV8FTb1c7ACkAdvg8WqtEpI5CmljCfEcpi4JMuwmYqnZ02i-hmmTf8lY9DPfHEaJu2wIAAAHbUgAAAFpoAQcKAIrYsNFiW8EOA2u7UVGNUocjr83fvdLRx3BjxJM4qgU6Eclgi2SYkIX9tgquPoApmK4CIVo-4edTIZ2Y5r1_pKONcR5nL_VWGHhmJUdxtd6z5FFjdyRse6gO8ViB-M09YNai_qneUC9MztQYdcAz1kIEiM_VNOonFVxpTbzIipCXAX7uWIyOKqNkbGeZAsX1PKpdsNctlnPaLOU1E44pckJbTgiy2UZ0fia5TNTarzH6HVbPzI6WMuhSglqn5i5EGguS6EKrlFy0mJRHxN7CqEiPFHficIoYjLRCTui7JC2lXKQy-t8nZkuvoUuDDo2t4oWwU_PnUDar4R3z_pj-EVJw7PDfaMrzW2gL0BoQhkFNQmWjj8czVgztcuyNRZA_-JiysP5zh5pyKsVubcdE8o3G3ODScnnTdzwA7-951nFTcJkAEb9gNH_NJembzbEyAxqanlTLerzf62FLr8Xw9qBlDNOGi14H0_Tn_H3UV78ZrFPoMgvkARAngYqXJ7Rfywp1QeA-f15MiXCqsCg8FzZpFQhDn58_xmz1JHKADVM5EbuiWZ6pTsTduThGvFo0WeaArOdDI8rpykOQeJ9k3OgTRuNAcSmAL1lVX9smWudK60Z17L69lSro94QDrOb6C9h7WGPw5P87zte3F0uC_G5uYiTb17mzQIDfEDeD3qwXPpLLxeIel2pwXxWIXBjh0G-EPrSRHHauaB62gc9eAXavsnvCmNo_t1HlHkmujV3INElsTONlJP7A7yaZorAgoasjStfZeIiqUfGhf8IO546NglA1eTqQs2IKQN1fiZYsMBkobIwyfZw6dlTMRxQ-TywC457tpkXE9HSb03XPtdfTRxNuw7UCilZRedfH8tXRvRZEPCdyi4kDTDKhRwG5I7ei4_R0zqUW2aYzQX815xVHMVZngKDDZAuOCz9H_LnJOj2dapD8kVo-j-2BpMMRxK8L-Sf3rRIJ37RvDaRAFm_2RTIfdlM9yfXqpvxHG4aO91ITh06ody4ZlppEE_JIi_9dtsb_XDWMiEB5XhrpkzUbJSMaeYekF5Z741jMOVgBnJPs7ucl3OmVUGmG3z9Mn1BfRt20knCsCKa8RV-MKOAW7gphwqZ6PCNPt-gWkiql2FSV

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B338 0
56 B 29ms
28ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgO5UjIUeYbCvDoLx3wPbiYHgDwAAAAA4AeAEAg&bg=!9_Sl9LDNAAZvV8FTb1c7ACkAdvg8WlDZYvNolwE0VtNYIg-EKiNkW4XeLC-ED-3vRjhv2HBALELONQIAAAIdUgAAABpoAQeZAsi9dpA4mch_ZS7PAesEXg7fhjOCdV-SCD6CNQXDnTKiHPZbVvKy5tfuj7VDyppScPyKeXDOtlwycxiYWmoXydUj_GWucvLeVPenkpGkmLT-6EJ7yAy1Zi5VJ_dX2jH5squft1D-qDwAd4oxtJOxdaCGoJyiUzG2b_ulqWfDcraNnUkXF47GR7ih82fxF4i2ENiUJd_KGwTY_IRUiBWDb5hugeGsdQFMup8gvrXMz6P8gkczMivGjIgs1cTX9jAcVFFESQAqj4bPsg8aW_Bmeys6WcJmxDIMlU8otnMSA08mys1ECJdH-RHKBLrnVNsiX0ldaRfmOA-FR9LWwOptN8ifFuaDdz31MWn6YObMtDPeb-_-PflnVWRks0mOzbQmaJj2d3LnkGF0A4OEkO85B4YU3f7zRddJgNPCW0w9vgeIId3QLNZrMWrEOHx1_ak4eiMPF3Uh8uSdtYwTlsrKlTDjiYoW05zlu-JShlFiwLD-h3RkV3AoZu16yu1PAUZlewfcIhySznYeG9Fv1t46Gp6ZRbk4prQrCK8mbfQEN-SKvrhdKVqfymVj3VPg_F7zLD3RUrM1LhDvJJohkf-Gd-xRddHdnLCFhlZxldgY4jwbRJOxeifmJIyG6PimuL-9x3cc95PC1oBFac-y1pW6RTNTauJr2pM3RYy5ik-lznDJJ6mFreYTLyiCAUKifOh8C6ZCDANCzzuDMLgB1XfX6GMAPZnk5_HtPOmvCAczaLSIC9EbFhZKUsupKlgDCrEUdawhxXVvk7Htj7cB4LwksVhaoMEuf1yDI6wPJHsFJQQMWocN5wfQ1Sgk2NW_2LJ_6RQuqy6Mn5DtE_fxhHNu_nKGiiK44q33z3jwuopWc3OVGwJurh_rPRK2PdzcRrwqpvbwd-IG1DFQHOBfbjL_ROTF3DJ8U3WSQVmGj2YvwQZKAeXLSDw6uO5f

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame F7AE
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KSJ4VA2E-I-HBRL

0
50 B

46ms
45ms

Image
text/plain

2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KSJ4VA2E-I-HBRL
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 19 Aug 2021 16:23:42 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629390223.555185,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-fra19146-FRA

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KSJ4VA2E-I-HBRL
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame F7AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEE8LAurPreM_kkQBAIfIiCk&google_cver=1

0
201 B

42ms
42ms

Image
text/plain

2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEE8LAurPreM_kkQBAIfIiCk&google_cver=1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 19 Aug 2021 16:23:42 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629390222.467837,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19146-FRA

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEE8LAurPreM_kkQBAIfIiCk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame F7AE 42 B
547 B 350ms
36ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c:$UID
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:2609
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F7AE
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3cc5bb19-017b-4231-ae76-3c47bda66983-tuct8180b0f

170 B
188 B

29ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3cc5bb19-017b-4231-ae76-3c47bda66983-tuct8180b0f

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3cc5bb19-017b-4231-ae76-3c47bda66983-tuct8180b0f
date: Thu, 19 Aug 2021 16:23:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 23133

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame F7AE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=98e16544-42f2-4e8e-8620-c7045dca57d6

0
54 B

56ms
56ms

Image
text/plain

2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=98e16544-42f2-4e8e-8620-c7045dca57d6
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 19 Aug 2021 16:23:42 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629390223.555115,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19146-FRA

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:42 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=98e16544-42f2-4e8e-8620-c7045dca57d6
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame F7AE
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

28ms
27ms

Image
text/plain

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:42 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:42 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame F7AE 49 B
729 B 3456ms
220ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-84459f4bbf-bscps
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame F7AE 43 B
697 B 3240ms
36ms Image
image/gif 185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&gdpr=0&gdpr_consent=
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:45 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame F7AE 0
59 B 116ms
19ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame F7AE
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4c4e07d8-10dd-4e36-b5a4-e5ef79a43b7c

0
231 B

178ms
31ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4c4e07d8-10dd-4e36-b5a4-e5ef79a43b7c
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 30208

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
date: Thu, 19 Aug 2021 16:23:42 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4c4e07d8-10dd-4e36-b5a4-e5ef79a43b7c
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3732
content-type: text/html; charset=utf-8
content-length: 222
expires: Thu, 19 Aug 2021 00:00:00 GMT

GET
H/1.1

200

3.gif
id5-sync.com/c/464/146/5/ Frame F7AE
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOtPizUFHOgatl4Z6p8bYgWmFtSA3z5Z1mynfFKA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOtPizUFHOgatl4Z6p8bYgWmFtSA3z5Z1mynfFKA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=7fee0588-ad80-4f30-b69c-5e820f07f8e7&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F5%2F3.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F5%2F3.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F5%2F3.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/464/146/5/3.gif?puid=&gdpr=1&gdpr_consent=

43 B
1 KB

28ms
28ms

Image
image/gif

51.89.21.20
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/464/146/5/3.gif?puid=&gdpr=1&gdpr_consent=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p14.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:45 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/c/464/146/5/3.gif?puid=&gdpr=1&gdpr_consent=
date: Thu, 19 Aug 2021 16:23:45 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 96
content-type: text/html; charset=utf-8

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame F7AE
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=c41d19b3-19ed-41ce-9b65-6958004c2e10&ssp=taboola&user_group=1
https://x.bidswitch.net/ul_cb/sync?dsp_id=366&expires=14&user_id=c41d19b3-19ed-41ce-9b65-6958004c2e10&ssp=taboola&user_group=1
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=3a893c40-5bd6-4137-8c4a-b01daa506bbd

0
229 B

31ms
30ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=3a893c40-5bd6-4137-8c4a-b01daa506bbd
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 30283

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=3a893c40-5bd6-4137-8c4a-b01daa506bbd
date: Thu, 19 Aug 2021 16:23:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame F7AE
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9243ad04-4b6f-4b2f-8a29-42f06af4f72e
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9243ad04-4b6f-4b2f-8a29-42f06af4f72e&tbid=3a55ff0e-9330-4e1b-9e34-952a614d5b8f-tuct8180b0e&query=taboola_hm%3D9243ad04-4b6f-...

0
148 B

79ms
32ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9243ad04-4b6f-4b2f-8a29-42f06af4f72e&tbid=3a55ff0e-9330-4e1b-9e34-952a614d5b8f-tuct8180b0e&query=taboola_hm%3D9243ad04-4b6f-4b2f-8a29-42f06af4f72e&isDirect=0
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:44 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629390224.053197,VS0,VE10
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19141-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=9243ad04-4b6f-4b2f-8a29-42f06af4f72e&tbid=3a55ff0e-9330-4e1b-9e34-952a614d5b8f-tuct8180b0e&query=taboola_hm%3D9243ad04-4b6f-4b2f-8a29-42f06af4f72e&isDirect=0
date: Thu, 19 Aug 2021 16:23:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 23133

GET
H2

200

sd
u.openx.net/w/1.0/ Frame F7AE
Redirect Chain

https://u.openx.net/w/1.0/sd?id=543998486&val=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&gdpr=0&gdpr_consent=
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&gdpr=0&gdpr_consent=

43 B
180 B

27ms
27ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&gdpr=0&gdpr_consent=
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:44 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&gdpr=0&gdpr_consent=
date: Thu, 19 Aug 2021 16:23:43 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 101956
jadserve.postrelease.com/suid/ Frame F7AE 43 B
539 B 586ms
110ms Image
image/gif 3.223.233.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.233.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-233-80.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:43 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame F7AE
Redirect Chain

https://eb2.3lift.com/xuid?mid=7772&xuid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&dongle=tbla
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

20ms
19ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7772&xuid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
date: Thu, 19 Aug 2021 16:23:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 940ms
35ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210819-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 2979
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by: cache-fra19124-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1629390225.945627,VS0,VE0
date: Thu, 19 Aug 2021 16:23:44 GMT
vary: Accept-Encoding
x-amz-request-id: X0T5G34XC8D2QGE8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 15
x-cache-hits: 14188

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 46FF 42 B
64 B 43ms
41ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuFvihDrMrlB_8qt4aLVzLKBP_qIpbY56g2CH0ABrbJeWt9BQy2Cjr8uhoMWXIQnrygsFI8JzJ7_Gj8srs-14CA34NawIH-jnKzTAqJycZK-pyqlFU7On4NNA&sai=AMfl-YSApB5lgE5jvWJs9b3xRp1rZcvDqSeQ3PEJk73hu15OQ3EvH2LTQ8DXUlEPwBz1R-3tph7FI74nufAaxJgJOPxwEWLsp0wua5qdevQ7ZnixR-8wODQyzPHeKQ0A&sig=Cg0ArKJSzFiRa4ZCeN4TEAE&cid=CAASEuRoi9_l84aFdbl4nZnIECm9cg&id=lidar2&mcvt=1003&p=1110,436,1200,1164&mtos=450,1003,1003,1003,1003&tos=450,553,0,0,0&v=20210818&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3077234133&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629390220837&dlt=194&rpt=0&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 coronavirus.png
vacina.saude.rs.gov.br/img/ Frame C812 87 KB
88 KB 249ms
249ms Image
image/png 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vacina.saude.rs.gov.br/img/coronavirus.png
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 95d722457b6b19c9b2248849d162602edaf41b594c82e44e6f6a316ba4d3d294

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
last-modified: Mon, 16 Mar 2020 17:04:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "15dfd-5a0fbcee37b55"
content-type: image/png
accept-ranges: bytes
content-length: 89597

GET
H2 200 api.gif
v3.denakop.com/ 0
42 B 388ms
369ms Image
image/gif 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=MQaKD8QpTKu%2BNM9cxv%2BDhg%2F0&v=5.0.0&sw=1600&sh=1200&ac=v&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&t=1629390222835&cb=0.7793385877528263&r=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:44 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 6814ba644c3d1762-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 api.gif
v3.denakop.com/ 0
408 B 371ms
355ms Image
image/gif 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=MQaKD8QpTKu%2BNM9cxv%2BDhg%2F0&v=5.0.0&sw=1600&sh=1200&ac=v2&aa=scroll&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&t=1629390222835&cb=0.8752127537003485&r=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:44 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 6814ba644c411762-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 api.gif
v3.denakop.com/ 0
42 B 363ms
363ms Image
image/gif 2606:4700:10::ac43:24f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v3.denakop.com/api.gif?a=10102&d=desktop&b=Chrome&o=Windows&u=MQaKD8QpTKu%2BNM9cxv%2BDhg%2F0&v=5.0.0&sw=1600&sh=1200&ac=v&aa=under&p=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&t=1629390222836&cb=0.275385306189488&r=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:24f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:44 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: image/gif
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 6814ba647cb11762-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame BC54
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

281 B
554 B

325ms
27ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66292515&crid=5854945&dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&cmcv=&pix=undefined&cb=1629390221183&uv=3005&tms=1629390221183&abt=206725b_vA!adh5c-1_vA!expl_vE!insc_vA!scec9_vB!spa2_vB!t45!ul96147-868_vB&ru=https://www.correiodopovo.com.br.admin-mcas.ms/&ft=0&unm=SLIDER_INSTREAM&aure=false&agl=1&cirid=39FB6CD897459923851592585027&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imprammp.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imprammp.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Aug 2021 16:23:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Date: Thu, 19 Aug 2021 16:23:45 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D2D5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

281 B
554 B

336ms
20ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Aug 2021 16:23:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Date: Thu, 19 Aug 2021 16:23:45 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 jquery.min.js Show response
vacina.saude.rs.gov.br/vendor/jquery/ Frame C812 86 KB
39 KB 257ms
253ms Script
application/javascript 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 17:58:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "15851-592af5a54eb00"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 39406

GET
H2 200 bootstrap.bundle.min.js Show response
vacina.saude.rs.gov.br/vendor/bootstrap/js/ Frame C812 77 KB
30 KB 258ms
255ms Script
application/javascript 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 17:58:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "1332b-592af5a54eb00"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 30152

GET
H2 200 jquery.easing.min.js Show response
vacina.saude.rs.gov.br/vendor/jquery-easing/ Frame C812 2 KB
1 KB 255ms
251ms Script
application/javascript 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/vendor/jquery-easing/jquery.easing.min.js
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 17:58:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "9e4-592af5a54eb00"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1070

GET
H2 200 sb-admin-2.js Show response
vacina.saude.rs.gov.br/js/ Frame C812 1 KB
897 B 254ms
251ms Script
application/javascript 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/js/sb-admin-2.js
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 6e7d6826010c47f64438945a78cec8f26c51ab8981451c0fae14edd66b0b746a

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 17:58:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "5d4-592af5a54eb00"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 822

GET
H2 200 Chart.min.js Show response
vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/dist/ Frame C812 169 KB
69 KB 259ms
256ms Script
application/javascript 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/dist/Chart.min.js
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: b7d5093eb11205e1b6a2329321c14b3c617b9c78b6bc473b7f90362a91ff5015

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: gzip
last-modified: Mon, 19 Oct 2020 12:22:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "2a415-5b20529e4e2c0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 utils.js Show response
vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/samples/ Frame C812 3 KB
2 KB 255ms
255ms Script
application/javascript 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/vendor/Chart.js-2.9.4/samples/utils.js
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 0f2aa0b48a55e5bada7d08c3a536a9c3d33cf0b4a6cd600a9b3a9aa743dd9ff1

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: gzip
last-modified: Mon, 19 Oct 2020 12:22:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "cf6-5b20529e4e2c0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1712

GET
H2 200 chartjs-plugin-datalabels@0.7.0 Show response
cdn.jsdelivr.net/npm/ Frame C812 13 KB
6 KB 21ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/chartjs-plugin-datalabels@0.7.0

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de449772271eceedac2a492a41a7bf860b29402fadeb390e034ad2ed0b654b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 4887158
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5360
etag: W/"330e-MyjMkC7/nYxBFRP/V6SaLPi/qfE"
x-served-by: cache-fra19145-FRA
date: Thu, 19 Aug 2021 16:23:42 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.dataTables.min.js Show response
vacina.saude.rs.gov.br/vendor/datatables/ Frame C812 80 KB
35 KB 254ms
249ms Script
application/javascript 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/vendor/datatables/jquery.dataTables.min.js
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 169e713c2496498336d93532630b4b80fdb9db45d0a090624d155a5c7853371e

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 17:58:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "141eb-592af5a54eb00"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 35900

GET
H2 200 dataTables.buttons.min.js Show response
cdn.datatables.net/buttons/1.6.1/js/ Frame C812 19 KB
7 KB 38ms
18ms Script
application/javascript 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/buttons/1.6.1/js/dataTables.buttons.min.js

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2450475d377d43989a135a393b7eb9bb31daf1e7dca01a27b854497c46f2adf3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 6245776
content-length: 6431
last-modified: Tue, 08 Jun 2021 08:47:57 GMT
server: cloudflare
etag: "1121708-4c4c-5c43d36efaee6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6814ba5d1deb4303-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:27:26 GMT

GET
H2 200 buttons.flash.min.js Show response
cdn.datatables.net/buttons/1.6.1/js/ Frame C812 26 KB
7 KB 41ms
21ms Script
application/javascript 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/buttons/1.6.1/js/buttons.flash.min.js

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1184674c137c8212dcc1bf6763a147d317e94e4b004bfab579121116d3223ebf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 6245733
content-length: 6819
last-modified: Tue, 08 Jun 2021 08:47:57 GMT
server: cloudflare
etag: "11216fa-6677-5c43d36efa716-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6814ba5d1def4303-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:28:07 GMT

GET
H2 200 jszip.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/ Frame C812 100 KB
27 KB 33ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/jszip.min.js

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 69715
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 26506
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ecf-18e33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BA%2FenCAfPWgD4SsdFpQvtVv0TAijojTFcm8VPIHzKJf4blCCcVvVsaOG6Tl4uUwUlEqZ5JwQlJ3y23rhWhbobfl3BcFGaVLM0Hs3e77g%2Fn7N46c8a36grfYTRhCp5F5u08lD%2BXnxdfScuMgLRXWuk7w%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6814ba5d197143b8-FRA
expires: Tue, 09 Aug 2022 16:23:42 GMT

GET
H2 200 pdfmake.min.js Show response
cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/ Frame C812 1 MB
337 KB 14ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/pdfmake.min.js

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e89f9845fc2a935c837dcd7089a59af09cde8ffdbf1866dfff621152fc74690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 837095
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 344327
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f87-10af19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sa9hwiTv2X9lL6dcHSAOVDslkPCfX4yQAfqXbai5Tu28nRtpKVXqOuXyxCwbzO4QcxGxh7VGdYairBU3USiVJogFv8CEB0SQxLJNQdw8jwrR9Sa%2B3nQeHzBfX28gTtPQdlPT6XoZRDDaH1z%2BHCqiE8Rk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6814ba5d197743b8-FRA
expires: Tue, 09 Aug 2022 16:23:42 GMT

GET
H2 200 vfs_fonts.js Show response
cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/ Frame C812 905 KB
309 KB 24ms
24ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/vfs_fonts.js

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52c6021ddc04c53bbd71907e42070e90dcd4093c1e5ebe5c35f465000b4894f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2488648
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 315755
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f87-e2214"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbgmBQSTfgF%2FSbsEnbMxO5G0BCvNXku2%2BAUEK1Zp%2BBBRPtqWmtdH7wyQUanQpqgw8fV8rbEIF4NJCHR0vGEvZhLvPCCym15KvA32Jm58A6WFk0XsgcrXN0HSoEOBqxPUL%2B53zKVBAS1y60qH3AhjVC9s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6814ba5d197943b8-FRA
expires: Tue, 09 Aug 2022 16:23:42 GMT

GET
H2 200 buttons.html5.min.js Show response
cdn.datatables.net/buttons/1.6.1/js/ Frame C812 24 KB
7 KB 17ms
16ms Script
application/javascript 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/buttons/1.6.1/js/buttons.html5.min.js

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fcbf36a2bdfad4e9007f83c3f3b5d549692d6f079f1156a65fea99a57ef9af0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2369466
content-length: 6608
last-modified: Thu, 10 Jun 2021 17:20:57 GMT
server: cloudflare
etag: "11216f7-60be-5c46c9d441867-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6814ba5d1df84303-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sat, 23 Jul 2022 06:12:35 GMT

GET
H2 200 buttons.print.min.js Show response
cdn.datatables.net/buttons/1.6.1/js/ Frame C812 2 KB
1 KB 22ms
21ms Script
application/javascript 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/buttons/1.6.1/js/buttons.print.min.js

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c38989ba7e43503bb4fc3d070653f93347a2eb6d84b8cc0ef09c79b8ebb861

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 2369466
content-length: 1160
last-modified: Thu, 10 Jun 2021 17:20:57 GMT
server: cloudflare
etag: "11216fb-8fe-5c46c9d441c4f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6814ba5d1df94303-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Sat, 23 Jul 2022 06:12:35 GMT

GET
H2 200 dataTables.bootstrap4.min.js Show response
vacina.saude.rs.gov.br/vendor/datatables/ Frame C812 2 KB
1 KB 251ms
246ms Script
application/javascript 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/vendor/datatables/dataTables.bootstrap4.min.js
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 3fbf7c3785635c11806b2ed111106a8a570f83cafa2a642226510bca6ef4c47b

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: gzip
last-modified: Mon, 16 Sep 2019 17:58:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "825-592af5a54eb00"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1369

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ Frame C812 20 KB
7 KB 19ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5423158
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6451
cf-request-id: 0abd93f94800001f256eb6a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4f71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2H8o5UU6Nib09C4vz1o6la6sE%2BIbgxDzgViLqOnvCFvDFz75BMWbBXdzPQQyC4I678xNh6dOCDqC461YKCses9jOI1fISa38Vz%2Fe1eX906uynFUBX3NwPhbFylJTpY8yZGCklK1mtn50yuL%2BoGRsApQd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6814ba5d197b43b8-FRA
expires: Tue, 09 Aug 2022 16:23:42 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 948A 28 B
529 B 40ms
18ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/28f65009/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/tkHaYUV2MDY?enablejsapi=1&origin=https%3A%2F%2Fwww.correiodopovo.com.br&widgetid=1
X-YouTube-Client-Version: 1.20210817.2.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgsxZTk2QVdoYU5uWSiMi_qIBg%3D%3D
X-YouTube-Ad-Signals: dt=1629390220416&flash=0&frm=2&u_tz=120&u_his=3&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C640%2C350&vis=1&wgl=true&ca_type=image&bid=ANyPxKq0E5U2-bFU4g_hZCE29aDPiwQ-jIVruaahHYgxC4Aub7U7MaIUH8XD1_YRwvgUFN_d1_Ye7wS_kIj3Yh_bFsqeloBogw

Response headers

date: Thu, 19 Aug 2021 16:23:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:43 GMT

GET
H3-29 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ Frame C812 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://vacina.saude.rs.gov.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 09:19:08 GMT
x-content-type-options: nosniff
age: 198276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18972
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 09:19:08 GMT

GET
H3-29 200 XRXW3I6Li01BKofAjsOUYevI.woff2
fonts.gstatic.com/s/nunito/v16/ Frame C812 19 KB
19 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622b2acb1b2c8d4eba45b028583b297a195b839f4684fc02d6906c84779f763d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://vacina.saude.rs.gov.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:37:46 GMT
x-content-type-options: nosniff
age: 251158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19088
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 18:37:46 GMT

GET
H2 200 fa-solid-900.woff2
vacina.saude.rs.gov.br/vendor/fontawesome-free/webfonts/ Frame C812 74 KB
74 KB 250ms
250ms Font
font/woff2 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/fontawesome-free/css/all.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Origin: https://vacina.saude.rs.gov.br
Referer: https://vacina.saude.rs.gov.br/vendor/fontawesome-free/css/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:43 GMT
last-modified: Mon, 16 Sep 2019 17:58:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "12690-592af5a54eb00"
content-type: font/woff2
accept-ranges: bytes
content-length: 75408

GET
H2 200 Portuguese-Brasil.json Show response
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame C812 971 B
834 B 43ms
26ms XHR
application/json 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 0
content-length: 438
last-modified: Thu, 10 Jun 2021 17:21:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1122006-3cb-5c46c9d7778bf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6814ba6a2ddad6b9-FRA
access-control-allow-headers: origin, x-requested-with, content-type

GET
H2 200 Portuguese-Brasil.json Show response
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame C812 971 B
526 B 14ms
14ms XHR
application/json 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1
content-length: 438
last-modified: Thu, 10 Jun 2021 17:21:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1122006-3cb-5c46c9d7778bf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6814ba6b8828d6b9-FRA
access-control-allow-headers: origin, x-requested-with, content-type

GET
H2 200 Portuguese-Brasil.json Show response
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame C812 971 B
501 B 24ms
24ms XHR
application/json 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1
content-length: 438
last-modified: Thu, 10 Jun 2021 17:21:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1122006-3cb-5c46c9d7778bf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6814ba6b8844d6b9-FRA
access-control-allow-headers: origin, x-requested-with, content-type

GET
H2 200 Portuguese-Brasil.json Show response
cdn.datatables.net/plug-ins/1.10.20/i18n/ Frame C812 971 B
501 B 21ms
21ms XHR
application/json 2606:4700:10::6816:335d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/plug-ins/1.10.20/i18n/Portuguese-Brasil.json

Requested by

Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:335d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

945d06eb0dcbe99839850dec2ced3f8265adba0ee296ca38c236cef6cc0648fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://vacina.saude.rs.gov.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1
content-length: 438
last-modified: Thu, 10 Jun 2021 17:21:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1122006-3cb-5c46c9d7778bf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6814ba6b884bd6b9-FRA
access-control-allow-headers: origin, x-requested-with, content-type

OPTIONS
H/1.1 204
No Content genericpost
www5.smartadserver.com/ Frame 0
0 3519ms
159ms Preflight 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Protocol: HTTP/1.1
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.correiodopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 16:23:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.correiodopovo.com.br

POST
H/1.1 200
OK genericpost Show response
www5.smartadserver.com/ 13 B
420 B 1965ms
1647ms XHR
application/javascript 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash: e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK genericpost Show response
www5.smartadserver.com/ 13 B
420 B 478ms
161ms XHR
application/javascript 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash: e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

OPTIONS
H/1.1 204
No Content genericpost
www5.smartadserver.com/ Frame 0
0 3524ms
161ms Preflight 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Protocol: HTTP/1.1
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.correiodopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 16:23:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.correiodopovo.com.br

OPTIONS
H/1.1 204
No Content genericpost
www5.smartadserver.com/ Frame 0
0 3533ms
164ms Preflight 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Protocol: HTTP/1.1
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.correiodopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 16:23:49 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.correiodopovo.com.br

POST
H/1.1 200
OK genericpost Show response
www5.smartadserver.com/ 11 KB
5 KB 529ms
198ms XHR
application/javascript 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash: cec9613bcdc1eb92146168f147236c6636b8a3d6966f6da874a7a3392aad6168

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 10%3b0%3b61
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.correiodopovo.com.br
x-smrt-i: 10340300
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK genericpost Show response
www5.smartadserver.com/ 13 B
420 B 507ms
170ms XHR
application/javascript 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash: e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

OPTIONS
H/1.1 204
No Content genericpost
www5.smartadserver.com/ Frame 0
0 3534ms
165ms Preflight 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Protocol: HTTP/1.1
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.correiodopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 16:23:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.correiodopovo.com.br

OPTIONS
H/1.1 204
No Content genericpost
www5.smartadserver.com/ Frame 0
0 3540ms
167ms Preflight 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Protocol: HTTP/1.1
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.correiodopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 16:23:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.correiodopovo.com.br

POST
H/1.1 200
OK genericpost Show response
www5.smartadserver.com/ 13 B
420 B 509ms
170ms XHR
application/javascript 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash: e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK genericpost Show response
www5.smartadserver.com/ 13 B
420 B 511ms
172ms XHR
application/javascript 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash: e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

OPTIONS
H/1.1 204
No Content genericpost
www5.smartadserver.com/ Frame 0
0 3543ms
168ms Preflight 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Protocol: HTTP/1.1
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.correiodopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 16:23:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.correiodopovo.com.br

POST
H/1.1 200
OK genericpost Show response
www5.smartadserver.com/ 13 B
420 B 483ms
159ms XHR
application/javascript 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash: e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

OPTIONS
H/1.1 204
No Content genericpost
www5.smartadserver.com/ Frame 0
0 3677ms
159ms Preflight 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Protocol: HTTP/1.1
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.correiodopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 16:23:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.correiodopovo.com.br

POST
H/1.1 200
OK genericpost Show response
www5.smartadserver.com/ 13 B
420 B 527ms
173ms XHR
application/javascript 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash: e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

OPTIONS
H/1.1 204
No Content genericpost
www5.smartadserver.com/ Frame 0
0 3686ms
163ms Preflight 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Protocol: HTTP/1.1
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.correiodopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 16:23:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.correiodopovo.com.br

POST
H/1.1 200
OK genericpost Show response
www5.smartadserver.com/ 13 B
420 B 523ms
169ms XHR
application/javascript 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash: e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK genericpost Show response
www5.smartadserver.com/ 13 B
420 B 531ms
174ms XHR
application/javascript 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash: e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

OPTIONS
H/1.1 204
No Content genericpost
www5.smartadserver.com/ Frame 0
0 3695ms
164ms Preflight 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Protocol: HTTP/1.1
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.correiodopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 16:23:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.correiodopovo.com.br

POST
H/1.1 200
OK genericpost Show response
www5.smartadserver.com/ 13 B
420 B 523ms
167ms XHR
application/javascript 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash: e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

OPTIONS
H/1.1 204
No Content genericpost
www5.smartadserver.com/ Frame 0
0 3696ms
164ms Preflight 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Protocol: HTTP/1.1
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.correiodopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 16:23:49 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.correiodopovo.com.br

OPTIONS
H/1.1 204
No Content genericpost
www5.smartadserver.com/ Frame 0
0 3705ms
166ms Preflight 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Protocol: HTTP/1.1
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.correiodopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 16:23:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.correiodopovo.com.br

POST
H/1.1 200
OK genericpost Show response
www5.smartadserver.com/ 13 B
420 B 609ms
163ms XHR
application/javascript 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1320/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash: e1b9d7e445120ef67099c55479c84bc85be612b8d5344fec9f15a1e3c97da38a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked

OPTIONS
H/1.1 204
No Content genericpost
www5.smartadserver.com/ Frame 0
0 3712ms
171ms Preflight 23.83.76.34
LEASEWEB-USA-LAX-11

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.smartadserver.com/genericpost
Protocol: HTTP/1.1
Server: 23.83.76.34 , United States, ASN395954 (LEASEWEB-USA-LAX-11, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.correiodopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 16:23:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.correiodopovo.com.br

GET
H2 200 faixa_etaria.json Show response
vacina.saude.rs.gov.br/json/ Frame C812 321 KB
321 KB 254ms
253ms XHR
application/json 200.198.173.170
Cia de Processame...

General

Check archive.org

Show headers Download Go to

Full URL: https://vacina.saude.rs.gov.br/json/faixa_etaria.json
Requested by: Host: vacina.saude.rs.gov.br
URL: https://vacina.saude.rs.gov.br/vendor/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.198.173.170 Pinheiro Machado, Brazil, ASN7465 (PROCERGS - Cia de Processamento de Dados do RGS, BR),
Reverse DNS: wiesbaden.procergs.com.br
Software: Microsoft-IIS/10.0 / ARR/3.0, ASP.NET
Resource Hash: 440417c5712b297cf5970fc652c335c7f54e5fde20925e73d6b1a43a6e98c1f8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://vacina.saude.rs.gov.br/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
last-modified: Thu, 19 Aug 2021 10:36:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0, ASP.NET
etag: "50450-5c9e7217ba962"
content-type: application/json
accept-ranges: bytes
content-length: 328784

GET
H2 200 / Show response
pips.taboola.com/ 64 B
246 B 20ms
5ms XHR
text/plain 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19121-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 20ms
20ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront), 1.1 varnish
age: 1182625
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-hhn4039-HHN
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1629390226.104675,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: gMac7oPnGnLwMTPr8ZTp3wXPxJLROynfM1c1ULf482PWoHTcQG1zPg==
x-cache-hits: 208056

GET
H2 200 video-autoplay-detector.js Show response
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 8 KB
2 KB 20ms
20ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age: 2181093
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 2210
x-served-by: cache-hhn4039-HHN
last-modified: Mon, 10 Jun 2019 11:55:53 GMT
server: AmazonS3
x-timer: S1629390226.108725,VS0,VE0
etag: "2fac39530c1c168282a35d1ab56450ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits: 200274

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/ 567 KB
117 KB 22ms
21ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e95623e9082ef2c44c96252359f39cd05a5b21f5155f025a493244d5f7b40357

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 varnish
age: 285714
x-amz-meta-mtime: 1629104445
x-cache: HIT
x-amz-meta-ctime: 1629104459
x-amz-meta-mode: 33188
content-encoding: br
content-length: 118740
x-amz-id-2: HLIvGI1QZRJWu7wiABdTFjW+aMqmWKxMIfUZq1GhZ5Nl2kpIBgjqClJs1o3mgXxyisgrKFqZBMc=
x-served-by: cache-hhn4039-HHN
accept-ranges: bytes
last-modified: Mon, 16 Aug 2021 09:01:00 GMT
server: AmazonS3-br
x-timer: S1629390226.145736,VS0,VE0
etag: "1208505f5eb2bb35f6eb2556219b5367"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: TGDW00WBNMRVFGA5
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 62793

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 06F5 1 KB
1 KB 35ms
33ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 01faf18ce8950579f5a3d68c7811255f0c7f4d79ca56ec888090ba23385cf5f0

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

server: nginx
date: Thu, 19 Aug 2021 16:23:46 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3405

GET
H2 200 loading2.png
vidstat.taboola.com/assets/ 24 KB
24 KB 36ms
32ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/loading2.png
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f2b7e987474183ea3293084c5069b7a5227876ed8fa10da3dd3588ee7124c16

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 2f0580a0593ad9d3fb82aee9226d8179.cloudfront.net (CloudFront), 1.1 varnish
age: 1872359
x-amz-meta-mtime: 1498646328
x-cache: Hit from cloudfront, HIT
x-amz-meta-mode: 33188
content-length: 24300
x-served-by: cache-hhn4039-HHN
last-modified: Sun, 02 Jul 2017 14:25:04 GMT
server: AmazonS3
x-timer: S1629390226.173471,VS0,VE0
etag: "ead84d746b6ee07ee78dc4243d7349c8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: *
x-amz-cf-id: O9tGAYqRJlC8dzwINHy8gNU4n0EVIRUKkmFtaB69jD6tgoH3JImu4Q==
x-cache-hits: 51621

GET
H2 200 replay-button.svg
vidstat.taboola.com/assets/ 1 KB
1007 B 36ms
32ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9aca50019231f85f469a5e0019bf363b41b9886b238a44bb1fe837ca4408da1

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront), 1.1 varnish
age: 1255775
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 701
x-served-by: cache-hhn4039-HHN
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1629390226.173754,VS0,VE0
etag: "e871e80b457ead7801d3bbe63b25c4fb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: b_2YSz_xJ_vlRCCaxiIFf95Q8jxCjwLOwkr1CwY6cuNKztnK2Kc5vw==
x-cache-hits: 40503

GET
H2 200 replay-button-hover.svg
vidstat.taboola.com/assets/ 1 KB
1005 B 36ms
32ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/replay-button-hover.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d92c3106afa291abcefd52dd891825af921521fb643b4ce9e432e7d555bba2f8

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront), 1.1 varnish
age: 1742030
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 709
x-served-by: cache-hhn4039-HHN
last-modified: Wed, 13 Feb 2019 09:30:13 GMT
server: AmazonS3
x-timer: S1629390226.174399,VS0,VE0
etag: "ae0344bce724db935e4f7ba6573ee516"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: BvOIM6Ru-sj1Zuk8Pv4KwWWtNjjN_qkQBQVKUVBbjGSvlxOJWOiTWQ==
x-cache-hits: 47084

GET
H2 200 learn-more-button.svg
vidstat.taboola.com/assets/ 2 KB
923 B 37ms
33ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0648e82e4c77d04dac47abdae61b19b9a5adb1890fceb13a6d9e89c04c060a8

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront), 1.1 varnish
age: 2110425
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 634
x-served-by: cache-hhn4039-HHN
last-modified: Wed, 13 Feb 2019 09:30:12 GMT
server: AmazonS3
x-timer: S1629390226.174390,VS0,VE0
etag: "3132e8c3bdd274efa7ce1531ec89580d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: oN72cAAVKwvn1GJ4MZDIQi3y4vHm--RqZWj9LNg2dBhXT141wINHrw==
x-cache-hits: 47943

GET
H2 200 learn-more-button-hover.svg
vidstat.taboola.com/assets/ 2 KB
964 B 59ms
57ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidstat.taboola.com/assets/learn-more-button-hover.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e93981763fee7adb1384f54134ae21113517f9e80febe5d0d80f01a75eb97e90

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront), 1.1 varnish
age: 1315164
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 660
x-served-by: cache-hhn4039-HHN
last-modified: Wed, 13 Feb 2019 09:30:11 GMT
server: AmazonS3
x-timer: S1629390226.211254,VS0,VE0
etag: "b14888c73642ebc29c1451727eb1eb8a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 5USgBPbqKLnJFjkz-_mBilQavJD91w32XFjJXqjUH0bEKStBxu7qwA==
x-cache-hits: 40889

GET
H2 200 c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 3 KB
2 KB 18ms
17ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding: gzip
etag: "11d8569a7da0739259e3ac0b0d666e94"
age: 95
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1502
x-amz-id-2: dG5btsDeY+PXEquROAVOM4aSIiDscRq1Gl9IHePBB8GJnqlJNRRfiUhPAFZjTJrdG2p1UE93Z4g=
x-served-by: cache-fra19124-FRA
last-modified: Sun, 10 Jun 2018 13:23:55 GMT
server: AmazonS3
x-timer: S1629390226.174341,VS0,VE0
date: Thu, 19 Aug 2021 16:23:46 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: F5F03R83Q1CDSQFG
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 85
x-cache-hits: 60

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 3334ms
102ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Aug 2021 16:23:49 GMT
Cache-Control: no-store
Server: nginx
Connection: close

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
3 KB 95ms
94ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=5854945&noaop=3&sortOrderType=0&cb=1629390226272&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1263&pt=1590349392&tz=120&viewable=true&ddast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2334045&dpubid=324075&abtst=206725b_vA!adh5c-1_vA!expl_vE!insc_vA!scec9_vB!spa2_vB!t45!ul96147-868_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.correiodopovo.com.br&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 55eada7b6eeeb9f5d5a350a898de58606be32ccb24e1e87b9785b523b0e35ff5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
content-encoding: gzip
access-control-allow-origin: https://www.correiodopovo.com.br
machineid: 1437
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4039-HHN
pragma: no-cache
server: nginx
x-timer: S1629390226.285485,VS0,VE71
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://ads.stickyadstv.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 12988193 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 105ms
39ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/12988193?_fw_gdpr=0&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 15db9f3d80da84def2b382d5fccb0938a8359e9c0ea2836112af6afad57da57a

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:46 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1064
x-sticky-vk: 1629390226281056-541
Expires: Thu, 19 Aug 2021 16:23:46 GMT

GET
BLOB 206
Partial Content 0116158f-4e42-4680-951c-c0d3cc7f5d2b
https://www.correiodopovo.com.br/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.correiodopovo.com.br/0116158f-4e42-4680-951c-c0d3cc7f5d2b
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content cec55cad-bb2d-4e4f-bade-ac3d308bb5d5
https://www.correiodopovo.com.br/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.correiodopovo.com.br/cec55cad-bb2d-4e4f-bade-ac3d308bb5d5
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 06F5
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=939fcae7-8f9d-4693-bd28-fadbb3e1057d

0
200 B

25ms
25ms

Image
text/plain

2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=939fcae7-8f9d-4693-bd28-fadbb3e1057d
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629390226.472263,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19146-FRA

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:46 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=939fcae7-8f9d-4693-bd28-fadbb3e1057d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 06F5 43 B
182 B 96ms
95ms Image
image/gif 2600:1f18:612b:4264:6067:ea36:4ec5:cf74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:6067:ea36:4ec5:cf74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 um Show response
cs.emxdgt.com/ Frame 06F5 0
45 B 24ms
20ms Script
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Femxdigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
content-length: 0
content-type: text/html

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame ED60
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=

281 B
554 B

38ms
21ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Aug 2021 16:23:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Date: Thu, 19 Aug 2021 16:23:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BC54 31 KB
10 KB 24ms
24ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 55bf4b496eff869db298574d1f44e53118337bb058050d5ef8aa236c3bcc5800

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81430
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Fri, 20 Aug 2021 15:00:56 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D2D5 31 KB
10 KB 65ms
26ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 55bf4b496eff869db298574d1f44e53118337bb058050d5ef8aa236c3bcc5800

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81430
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Fri, 20 Aug 2021 15:00:56 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum.casalemedia.com/ Frame 1E56
Redirect Chain

https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26u...
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756...

2 KB
3 KB

45ms
44ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f1393078f502b0b6fe379c4f11e4611c90888837f5061f1ca715c39d8e1b7c25

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YR6FlVy00RDjDhSBGKXIxAAA; CMPS=3204
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|45|241|39|218|47|4|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1848
Expires: Thu, 19 Aug 2021 16:23:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:49 GMT
Connection: keep-alive
Set-Cookie: CMID=YR6FlVy00RDjDhSBGKXIxAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 19 Aug 2022 16:23:49 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Nov 2021 16:23:49 GMT CMPRO=1127;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Nov 2021 16:23:49 GMT CMRUM3=e6611e85952760&1f611e859505a00&da611e85952760&2f611e859505a0&2d611e859505a0&04611e859505a0&27611e85950b40&f1611e859505a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 19 Aug 2022 16:23:49 GMT CMST=YR6FlWEehZUA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 20 Aug 2021 16:23:49 GMT

Redirect headers

Server: Apache
Content-Length: 417
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 19 Aug 2021 16:23:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:49 GMT
Connection: keep-alive
Set-Cookie: CMID=YR6FlVy00RDjDhSBGKXIxAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 19 Aug 2022 16:23:49 GMT CMPS=3204;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Nov 2021 16:23:49 GMT

GET
H/1.1 200
OK 12988193 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 46ms
37ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/12988193?_fw_gdpr=0&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 42d8763446f5681f7660ec66bd71874f54053b78b0ccb4876cd83f7f4313fc69

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:46 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1064
x-sticky-vk: 1629390226375015-517
Expires: Thu, 19 Aug 2021 16:23:46 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame BC54 284 B
966 B 119ms
40ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame ED60 31 KB
10 KB 24ms
24ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 55bf4b496eff869db298574d1f44e53118337bb058050d5ef8aa236c3bcc5800

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81430
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Fri, 20 Aug 2021 15:00:56 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame E9B5 330 KB
112 KB 46ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1629390226.dop239.fr8.t,1629390226.cds008.fr8.shn,1629390226.cds008.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame D2D5 284 B
966 B 102ms
30ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame ED60 284 B
966 B 107ms
30ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 1216 330 KB
112 KB 10ms
9ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1629390226.dop239.fr8.t,1629390226.cds008.fr8.shn,1629390226.cds008.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame E9B5 25 KB
25 KB 31ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1629390226516
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:46 GMT
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1629390226.dop235.fr8.t,1629390226.cds143.fr8.shn,1629390226.cds143.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

/
c1.adform.net/serving/cookie/match/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=39e8c9ed1ac2a3ceac1782c2851285cc&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g074_6998177733092735120
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MzllOGM5ZWQxYWMyYTNjZWFjMTc4MmMyODUxMjg1Y2M=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHGJ7tLrwLeK29-Q7abqS7w&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=939fcae7-8f9d-4693-bd28-fadbb3e1057d
https://pr-bh.ybp.yahoo.com/sync/stickyads/39e8c9ed1ac2a3ceac1782c2851285cc&gdpr=0&gdpr_consent=?
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-vLdHrUxE2oMreo2FNr6qc0hz1dUUN86LblXlfJVu~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=8924832106922946643
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=18ad611e-8592-4600-b7d9-fa1b77c29b54&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=DtmFjQXQ1MgKPx5&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAELfk7CPQsAAClEEMn3kA&gdpr=0
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0

0
0

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 1216 25 KB
25 KB 22ms
9ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1629390226542
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:46 GMT
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1629390226.dop235.fr8.t,1629390226.cds143.fr8.shn,1629390226.cds143.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 1216 0
0

GET

/
c1.adform.net/serving/cookie/match/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=39e8c9ed1ac2a3ceac1782c2851285cc&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g066_6998177733092764264
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MzllOGM5ZWQxYWMyYTNjZWFjMTc4MmMyODUxMjg1Y2M=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEHGJ7tLrwLeK29-Q7abqS7w&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=939fcae7-8f9d-4693-bd28-fadbb3e1057d
https://pr-bh.ybp.yahoo.com/sync/stickyads/39e8c9ed1ac2a3ceac1782c2851285cc&gdpr=0&gdpr_consent=?
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-vLdHrUxE2oMreo2FNr6qc0hz1dUUN86LblXlfJVu~A
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=2671785039793296693
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=18ad611e-8592-4600-b7d9-fa1b77c29b54&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AABLu07CPQsAACNWInHVfg&gdpr=0
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YR6FkgADocr7NwBg&gdpr=0
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0

0
0

GET
H2

200

/
trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame BC54
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KSJ4VD6E-18-G9NR&gdpr=0&us_privacy=1---

0
54 B

39ms
38ms

Image
text/plain

2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KSJ4VD6E-18-G9NR&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629390227.664008,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19146-FRA

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KSJ4VD6E-18-G9NR&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame D2D5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KSJ4VD6E-18-G9NR&gdpr=0&us_privacy=1---

0
54 B

15ms
15ms

Image
text/plain

2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KSJ4VD6E-18-G9NR&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629390227.673615,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19146-FRA

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KSJ4VD6E-18-G9NR&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame ED60
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KSJ4VD6E-18-G9NR&gdpr=0&us_privacy=1---

0
54 B

15ms
14ms

Image
text/plain

2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KSJ4VD6E-18-G9NR&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1629390227.703398,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19146-FRA

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KSJ4VD6E-18-G9NR&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame E9B5 301 B
818 B 39ms
38ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=12988193&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:46 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1629390226645001-546
Expires: Thu, 19 Aug 2021 16:23:46 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame E9B5 67 B
728 B 59ms
44ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12988193&_fw_gdpr=0&_fw_us_privacy=1---&vav=155e093ed0552f08e555a53405f10ea5&vaviv=47d8e9688df59db54f9bf6f80f0b4811&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:46 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1629390226526080-577
Expires: Thu, 19 Aug 2021 16:23:46 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 1216 301 B
864 B 91ms
53ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=12988193&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:46 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1629390226696042-513
Expires: Thu, 19 Aug 2021 16:23:46 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 1216 67 B
728 B 100ms
46ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12988193&_fw_gdpr=0&_fw_us_privacy=1---&vav=e9e0123e082282047b359f7e2bddb50d&vaviv=cc5d8dbb13726c4b8a782940eb7deecb&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:46 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1629390226701007-531
Expires: Thu, 19 Aug 2021 16:23:46 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzllOGM5ZWQxYWMyYTNjZWFjMTc4MmMyODUxMjg1Y2M=&gdpr=0&gdpr_consent=

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzllOGM5ZWQxYWMyYTNjZWFjMTc4MmMyODUxMjg1Y2M=&gdpr=0&gdpr_consent=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:46 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzllOGM5ZWQxYWMyYTNjZWFjMTc4MmMyODUxMjg1Y2M=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1629390226622044-391
Expires: Thu, 19 Aug 2021 16:23:46 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=39e8c9ed1ac2a3ceac1782c2851285cc&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

368ms
122ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=39e8c9ed1ac2a3ceac1782c2851285cc&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: W893J94FP6HPKN1ZH46Q
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:46 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=39e8c9ed1ac2a3ceac1782c2851285cc&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1629390226643076-584
Expires: Thu, 19 Aug 2021 16:23:46 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame BC54 70 B
264 B 46ms
42ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame BC54
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&us_privacy=1---
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&us_privacy=1---&_test=YR6FkgADoc...
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YR6FkgADocr7NwBg&gdpr=0&us_privacy=1---&_test=YR6FkgADocr7NwBg

42 B
723 B

53ms
27ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YR6FkgADocr7NwBg&gdpr=0&us_privacy=1---&_test=YR6FkgADocr7NwBg
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1629390227.840920,VS0,VE0
x-served-by: cache-fra19139-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YR6FkgADocr7NwBg&gdpr=0&us_privacy=1---&_test=YR6FkgADocr7NwBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame BC54
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/ERsCQePKMFTk5zL0_kJgvMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8753158829914487610

42 B
723 B

29ms
29ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8753158829914487610
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

date: Thu, 19 Aug 2021 16:23:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8753158829914487610
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame BC54
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSJ4VD6E-18-G9NR&sigv=1&esig=2~2dc9a6fc49d78c6bdeef29a39f4ec90630f6196e&gdpr=0&us_privacy=1---

0
445 B

21ms
6ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSJ4VD6E-18-G9NR&sigv=1&esig=2~2dc9a6fc49d78c6bdeef29a39f4ec90630f6196e&gdpr=0&us_privacy=1---

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:46 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KSJ4VD6E-18-G9NR&sigv=1&esig=2~2dc9a6fc49d78c6bdeef29a39f4ec90630f6196e&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame BC54
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGJkY2NjNjRmOTFkNzYyMTI0MWU3MTg4ODY1Y2JiNDFjYzZkMmM3Zg&gdpr=0&us_privacy=1---

170 B
188 B

31ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGJkY2NjNjRmOTFkNzYyMTI0MWU3MTg4ODY1Y2JiNDFjYzZkMmM3Zg&gdpr=0&us_privacy=1---

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGJkY2NjNjRmOTFkNzYyMTI0MWU3MTg4ODY1Y2JiNDFjYzZkMmM3Zg&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame BC54
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=18ad611e-8592-4600-b7d9-fa1b77c29b54&gdpr=0&gdpr_consent=

42 B
723 B

30ms
29ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=18ad611e-8592-4600-b7d9-fa1b77c29b54&gdpr=0&gdpr_consent=
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

Date: Thu, 19 Aug 2021 16:23:46 GMT
Server: MT3 3853 9552a83 master zrh-pixel-x11
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=18ad611e-8592-4600-b7d9-fa1b77c29b54&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 19 Aug 2021 16:23:45 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame BC54 0
66 B 319ms
28ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr=0&us_privacy=1---
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:47 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame BC54
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=0&us_privacy=1---&google_tc=
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMV_NS9BH3Po_W_XcPcCl24&google_cver=1

42 B
723 B

28ms
28ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMV_NS9BH3Po_W_XcPcCl24&google_cver=1
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEMV_NS9BH3Po_W_XcPcCl24&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET user-matching
ads.stickyadstv.com/ Frame 1216 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzllOGM5ZWQxYWMyYTNjZWFjMTc4MmMyODUxMjg1Y2M=&gdpr=0&gdpr_consent=

170 B
188 B

35ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzllOGM5ZWQxYWMyYTNjZWFjMTc4MmMyODUxMjg1Y2M=&gdpr=0&gdpr_consent=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-34-240-91-113.eu-west-1.compute.amazonaws.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:46 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzllOGM5ZWQxYWMyYTNjZWFjMTc4MmMyODUxMjg1Y2M=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1629390226717077-513
Expires: Thu, 19 Aug 2021 16:23:46 GMT

GET user-matching
ads.stickyadstv.com/ Frame 1216 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=39e8c9ed1ac2a3ceac1782c2851285cc&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

413ms
125ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=39e8c9ed1ac2a3ceac1782c2851285cc&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: W7SK2ZH0N5B39KQGCER5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:46 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=39e8c9ed1ac2a3ceac1782c2851285cc&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1629390226734058-510
Expires: Thu, 19 Aug 2021 16:23:46 GMT

GET
H2 200 63f89184b188c1fee17d2561c46ad514.jpg
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame F451 80 KB
80 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/63f89184b188c1fee17d2561c46ad514.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70d260f04be099503762fbfc6ecb863b1d169440feab2d9bc56fb605c76c06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:36:15 GMT
x-content-type-options: nosniff
age: 182851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81425
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:36:15 GMT

GET
H2 200 cac2be686d473db94b8f6e8278abf60d.png
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame F451 2 KB
2 KB 13ms
12ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/cac2be686d473db94b8f6e8278abf60d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1326c6f584f3f03571a819a59f81424312021b67454570054aceff289b8fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:37:42 GMT
x-content-type-options: nosniff
age: 175564
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2109
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:37:42 GMT

GET
H2 200 0522c0cbefec03929e6abd80f84d75fc.png
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame F451 5 KB
5 KB 12ms
12ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/0522c0cbefec03929e6abd80f84d75fc.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978ad3bd65f9236cb09807ee97c3ed9ef06fc8041fa7e09a0dc07debe0575cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:02:19 GMT
x-content-type-options: nosniff
age: 192087
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5385
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 11:02:19 GMT

GET
H2 200 5d9436ccdf3c10ef05e1b8c067069081.jpg
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame F451 21 KB
21 KB 16ms
14ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/5d9436ccdf3c10ef05e1b8c067069081.jpg

Requested by

Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

714f2fd25eb03dd87ce9cc01076e10bb97e0717733fccc25f25466d00353e998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:36:20 GMT
x-content-type-options: nosniff
age: 182846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21083
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:36:20 GMT

GET
H3-29 200 5d9436ccdf3c10ef05e1b8c067069081.jpg
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame EC76 21 KB
21 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/5d9436ccdf3c10ef05e1b8c067069081.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

714f2fd25eb03dd87ce9cc01076e10bb97e0717733fccc25f25466d00353e998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:36:20 GMT
x-content-type-options: nosniff
age: 182847
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21083
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:36:20 GMT

GET
H3-29 200 63f89184b188c1fee17d2561c46ad514.jpg
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame EC76 80 KB
80 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/63f89184b188c1fee17d2561c46ad514.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70d260f04be099503762fbfc6ecb863b1d169440feab2d9bc56fb605c76c06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:36:15 GMT
x-content-type-options: nosniff
age: 182852
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81425
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:36:15 GMT

GET
H3-29 200 cac2be686d473db94b8f6e8278abf60d.png
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame EC76 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/cac2be686d473db94b8f6e8278abf60d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1326c6f584f3f03571a819a59f81424312021b67454570054aceff289b8fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:37:42 GMT
x-content-type-options: nosniff
age: 175565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2109
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:37:42 GMT

GET
H3-29 200 0522c0cbefec03929e6abd80f84d75fc.png
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame EC76 5 KB
5 KB 8ms
8ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/0522c0cbefec03929e6abd80f84d75fc.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978ad3bd65f9236cb09807ee97c3ed9ef06fc8041fa7e09a0dc07debe0575cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:02:19 GMT
x-content-type-options: nosniff
age: 192088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5385
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 11:02:19 GMT

GET
H3-29 200 5d9436ccdf3c10ef05e1b8c067069081.jpg
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame 9310 21 KB
21 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/5d9436ccdf3c10ef05e1b8c067069081.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/98da7d7d390d768a5b317b0dc6e0693c.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

714f2fd25eb03dd87ce9cc01076e10bb97e0717733fccc25f25466d00353e998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:36:20 GMT
x-content-type-options: nosniff
age: 182847
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21083
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:36:20 GMT

GET
H3-29 200 63f89184b188c1fee17d2561c46ad514.jpg
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame 9310 80 KB
80 KB 11ms
6ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/63f89184b188c1fee17d2561c46ad514.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70d260f04be099503762fbfc6ecb863b1d169440feab2d9bc56fb605c76c06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:36:15 GMT
x-content-type-options: nosniff
age: 182852
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81425
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:36:15 GMT

GET
H3-29 200 cac2be686d473db94b8f6e8278abf60d.png
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame 9310 2 KB
2 KB 10ms
6ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/cac2be686d473db94b8f6e8278abf60d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1326c6f584f3f03571a819a59f81424312021b67454570054aceff289b8fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:37:42 GMT
x-content-type-options: nosniff
age: 175565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2109
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:37:42 GMT

GET
H3-29 200 0522c0cbefec03929e6abd80f84d75fc.png
s0.2mdn.net/sadbundle/15461216385557670375/media/ Frame 9310 5 KB
5 KB 9ms
6ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15461216385557670375/media/0522c0cbefec03929e6abd80f84d75fc.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978ad3bd65f9236cb09807ee97c3ed9ef06fc8041fa7e09a0dc07debe0575cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15461216385557670375/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:02:19 GMT
x-content-type-options: nosniff
age: 192088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5385
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 12:42:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 11:02:19 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 1E56
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YR6FlVy00RDjDhSBGKXIxAAABGcAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAS-y0o6j5-ffIq3wBJqHRo&google_cver=1

43 B
315 B

98ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAS-y0o6j5-ffIq3wBJqHRo&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 19 Aug 2021 16:23:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAS-y0o6j5-ffIq3wBJqHRo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1E56
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YR6FlVy00RDjDhSBGKXIxAAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YR6FlVy00RDjDhSBGKXIxAAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJC8VCLiQkfw5qx8Wp5D4y4&google_cver=1

43 B
1 KB

61ms
60ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJC8VCLiQkfw5qx8Wp5D4y4&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:50 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 16:23:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJC8VCLiQkfw5qx8Wp5D4y4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1E56
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YR6FlVy00RDjDhSBGKXIxAAABGcAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YR6FlVy00RDjDhSBGKXIxAAABGcAAAAB&dcc=t

43 B
932 B

139ms
139ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YR6FlVy00RDjDhSBGKXIxAAABGcAAAAB&dcc=t

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:50 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PZGXRFFYAWPPGQDMZ5JZ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:49 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: T77APN51PNA8S1XXNK9C
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YR6FlVy00RDjDhSBGKXIxAAABGcAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1E56 70 B
264 B 44ms
42ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YR6FlVy00RDjDhSBGKXIxAAA
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 1E56
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YR6FlVy00RDjDhSBGKXIxAAA%261127?gdpr_consent=&us_privacy=&gdpr=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YR6FlVy00RDjDhSBGKXIxAAA%261127

42 B
958 B

46ms
46ms

Image
image/gif

34.240.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YR6FlVy00RDjDhSBGKXIxAAA%261127

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.240.91.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0eecf40e0.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: bBlYcjdbSxo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v012-0921ed35a.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: pe6W4MB5QAM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YR6FlVy00RDjDhSBGKXIxAAA%261127
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1E56
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=DtmFjQXQ1MgKPx5

43 B
988 B

36ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=DtmFjQXQ1MgKPx5
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 16:23:49 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:49 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-07ed93884cf47b6e0@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=DtmFjQXQ1MgKPx5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1E56
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3503383453133841208

43 B
1 KB

35ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3503383453133841208
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 16:23:49 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3503383453133841208
pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 1E56
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6826766291056294224&uid=Q6826766291056294224&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

29ms
29ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:50 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Thu, 19 Aug 2021 16:23:50 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame 1E56 0
229 B 25ms
24ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/casale-network/1/rtb-h/?taboola_hm=YR6FlVy00RDjDhSBGKXIxAAABGcAAAAB&orig=video&us_privacy=1---
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 23209

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0D81
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

21ms
21ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.correiodopovo.com.br/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Aug 2021 16:23:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Date: Thu, 19 Aug 2021 16:23:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ 31 KB
11 KB 35ms
14ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 752cc81c62b985b1ea0ec751c19397b60aa3c5211fb19916809a401b4d044f76

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Aug 2021 08:36:16 GMT
Server: AkamaiNetStorage
ETag: "11ca3735b37154ebdcef3dd133bc063f:1629103138.292715"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10406

GET
H/1.1 200
OK RM_patricia__3aa05d8e-455b-4ef2-8ac1-e67d803bc36d.gif
creatives.sascdn.com/diff/1320/10340300/ 31 KB
32 KB 60ms
30ms Image
image/gif 2a02:26f0:6c00::210:ba12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creatives.sascdn.com/diff/1320/10340300/RM_patricia__3aa05d8e-455b-4ef2-8ac1-e67d803bc36d.gif
Requested by: Host: www.correiodopovo.com.br
URL: https://www.correiodopovo.com.br/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 15bec009f0b86a6128b3d6013723649e8cc980aab56762ecd20d1b73a0faa802

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:50 GMT
Last-Modified: Thu, 05 Aug 2021 19:44:19 GMT
Server: AkamaiNetStorage
ETag: "3774bb503f12a3e40132691701dd6b1f:1628192659.70015"
Content-Type: image/gif
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31970
Expires: Fri, 19 Aug 2022 16:23:50 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0D81 31 KB
10 KB 24ms
24ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 55bf4b496eff869db298574d1f44e53118337bb058050d5ef8aa236c3bcc5800

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81426
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Fri, 20 Aug 2021 15:00:56 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0D81 284 B
921 B 28ms
27ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/jpg

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 0D81
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=KSJ4VFXK-U-4IOA

43 B
405 B

37ms
36ms

Image
image/gif

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=KSJ4VFXK-U-4IOA
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:49 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=KSJ4VFXK-U-4IOA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 41ms
19ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f423c767a0f1e17d7930b6f918998d2814c12afaae78e86f2943ae9873b0895d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8448
x-xss-protection: 0

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 52ms
12ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.correiodopovo.com.br.admin-mcas.ms
URL: https://www.correiodopovo.com.br.admin-mcas.ms/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 03:53:24 GMT
content-encoding: gzip
age: 45026
x-guploader-uploadid: ADPycdut5V1zAD9-7QSt-bjAr9NJZPoPh3kzHzDXeKqawok2D03ErqLmANizroXjwCOMKZ0k-Go5v5bPmAi2H4NxTQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 6114
last-modified: Mon, 19 Apr 2021 15:43:33 GMT
server: UploadServer
etag: "090fb4b641b03e182ef8a7fdc93d72de"
x-goog-hash: crc32c=VQO11g==, md5=CQ+0tkGwPhgu+Kf9yT1y3g==
content-language: en
x-goog-generation: 1618847013991944
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 20 Aug 2021 03:53:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-931232517

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61daf106f325845b61425fd2f8e385e484c783a2075768fac98e3ea9e03127d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39047
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 16:23:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99bedf399746c5d2a0d71ff3e59b5393144b0398dcd9cbb8ab3e21d402554100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39172
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 16:08:13 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 16:23:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa144870a094ce8e4d7d81cee9728d10685012e2d752158be9a1770253c53deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39182
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 16:08:13 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 16:23:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e323ac9963b38d302d27eeb0010efbeb6916d9d6858764d3ca471b4486d6e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39190
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 16:08:13 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 16:23:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f0a30dbae1b4f19c037b8830852bcc597cf2e023d18bd60bf3542fd2b1315d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39148
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 16:23:50 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFKL3B

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f3df79ca9576392edfa0426a705ea21c33ab3dd6eab0ff69206f4424b19ab47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39154
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 16:08:13 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 16:23:50 GMT

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 4729 21 KB
9 KB 324ms
108ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame B62C 21 KB
9 KB 427ms
214ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 9E5A 21 KB
9 KB 531ms
322ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 94AA 21 KB
9 KB 530ms
324ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 5EBB 21 KB
9 KB 420ms
217ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame F46C 21 KB
9 KB 523ms
324ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 7346 21 KB
9 KB 517ms
321ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 ws-ad.js Show response
wfpscripts.webspectator.com/ Frame 9746 21 KB
9 KB 411ms
217ms Script
application/javascript 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://wfpscripts.webspectator.com/ws-ad.js
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/ws-4.4.62.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9d02c3facc410ee6a9dceade80ce0bc710f6037df881453124d3f5c83a6241b5

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 15:34:42 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5134affc2f01c20ef17e399c5c7cbfbd"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=300
content-length: 8492

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 19 Aug 2021 16:23:50 GMT

GET
H2 200 _adview_.ad.json Show response
cdn.webspectator.com/ad/banner/_adsense_/_adserver/ 0
165 B 473ms
222ms Script
application/octet-stream 52.1.252.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.webspectator.com/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=33683926
Requested by: Host: wfpscripts.webspectator.com
URL: https://wfpscripts.webspectator.com/adblocker/blockadblock.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.252.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-252-251.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
last-modified: Tue, 11 Oct 2016 11:19:36 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-length: 0
x-cache-status: MISS
content-type: application/octet-stream

GET
H2 204 social
il-trc-events.taboola.com/correiodopovo/log/3/ 0
363 B 214ms
71ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/correiodopovo/log/3/social?route=AM:IL:V&tvi2=84&lti=deflated&ri=4b6fb72b54e300ffc030c4ae90240d16&sd=v2_1978fc5bc9174115d926a0c83cc79729_25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c_1629390220_1629390220_CIi3jgYQzeNHGKzU5vm1LyABKAEwKziy0A1Au4gQSKKi3QNQ____________AVgAYABosa_ptcr9986tAXAB&ui=25377116-d7d2-44bf-94ee-9ee900527783-tuct8180b0c&pi=/&wi=-5703500169402860967&pt=home&vi=1629390219820&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-iframe%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br%22%2C%22rref%22%3A%22https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22Correio%20do%20Povo%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A23%3A50.397&id=1579&llvl=1&cv=20210819-5-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 19 Aug 2021 16:23:50 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 13ms
13ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 17:56:33 GMT
content-encoding: gzip
age: 80837
x-guploader-uploadid: ADPycduZT18fweJFrFh_JsUH53ULXvQkwX1uJKMNeNdB3hk08F_PX4ggNCizHs5JVMLTahG3IfQWqW6ozQy22DBrOg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 8332
last-modified: Mon, 19 Apr 2021 15:43:33 GMT
server: UploadServer
etag: "3f338dc5c15f92841113b0350587be44"
x-goog-hash: crc32c=sfk3og==, md5=PzONxcFfkoQRE7A1BYe+RA==
content-language: en
x-goog-generation: 1618847013907660
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 19 Aug 2021 17:56:33 GMT

GET
H2 200 trk
tt-9964-3.seg.t.tailtarget.com/ 70 B
550 B 367ms
116ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:par-correiodopovo:1|_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1629390230&tM=referral&tL=referral&tN=referral&tY=3&tZ=119359538
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 346ms
34ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bb5bbc1eafc85aaad6dab04ab6fb0ae00b7d9d2166dba5bdb36c3a15ba8c22cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13986
x-xss-protection: 0
server: cafe
etag: 18170976018000584025
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 16:23:50 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9973 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 19 Aug 2021 16:19:17 GMT
expires: Fri, 19 Aug 2022 16:19:17 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7BA2 783 B
829 B 16ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee243ef399e47e4cce95b2aa883b39bd2cface1cc4143a934ddfeccc56699725

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AJrVkCKeeDgELBt5074nqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

expires: Thu, 19 Aug 2021 16:23:50 GMT
date: Thu, 19 Aug 2021 16:23:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AJrVkCKeeDgELBt5074nqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
465 B 151ms
114ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e59d291c32694c460dc0f7185361185432ade033f30f6d7a794289348801bc7e

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3-29 200 LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 9973 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LPVuzLK1TyzEP0FlVkI4C3aV71n8MLJs6dtRUJPDU8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cf56eccb2b54f2cc43f41655642380b7695ef59fc30b26ce9db515093c353cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 14:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13273
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 14:48:58 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 38ms
37ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=2042573796895344&bg=!KimlKW3NAAZvV8FTb1c7ACkAdvg8Wp_A3SpMLWotwPiZvYj-cFwvSjxmsnVywNJbg0AXBYjWdcGeegIAAAB3UgAAAA1oAQcKACO_o79N9O0yWYoOEkg3Jza6Lr5bL1fgRPYAHLnXYtPiJQQPj5kCk8M3PvqaRUTQafj_TgCnfdwqUpybN3m0yUYo1vPTRVsqmkBMhBaXveZk4tgZBzZqZaRC6ncbaY-wqmS9kLx36FcKeOyP03-RJEU-x6oIOLkICzxGKD8aSUUvWKfxfCeWinJGpzrpSLnAi8B6bNxOnaMDlJmW6Kt8bxZ7HJw1PdNPOTSe1mAwhIRIAsp6JVIDxViv-nWrtyjuETZsCVyNUd4aukGAOOQR1Ys7PgAGmAplUQk5SC61sOb3zDSjvnoJT4yUH2W8gnwjJ8InZfhfhf3qdD8fU5kiILQQe4kfNuApFQV2nxIbMA3NnLtG1WwyjbeVZGulgfyWieEjfQPUmnAaFBkDJc_D5R5BJoCQIN3NaNXd2Rjre4EwH8xZnxCHOi1bdOj1VW6fjhrX8xa7lXL58MV9sjtjgYT6FnNuaGboQunTqFwoQqdmnfCY38bRCzXfD54aYnStSENucMfT7OcSRcAur2lYJewh0clj1VeLRp-3vgSKtQJrc9mYlERc5MER0dCenzeZd2_IIFNn_GUbB71cUO-908bvKVy6gKIjke9BGt0I7CSgnqOFJdC0NZTjpQjVkSUaYKKppYGJkKA_N56YhK2y_hzZU57_S8QutIWjKuDCezO_JoyKK3KzxPRPdWmsEf9gNg3pc2mH-U5Y9oCmR1N4vLGDaPVHHbqse7HIYwyEWv0laZ7656RDear2rR6pYrHKzFqH7u6L1OtnghhqixTWLrgiEZsO1ytRKGMv6aIzfGWKDxDc27WgtieVnj-4vEMX6wECQ27CxvutgxCYHboCYD6AZ523idFoiwDBmma1Hx5nUNis0vSLW2YYz8BYrHAfKricS3fYzxpP3P5Aq5aBvblGoIRhd24V1dK7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 104 B
547 B 172ms
121ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=4&tU=0100007F96851E6177063B1C024ACA14&tX=b.52&tZ=554945839
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 919fe1392eb243b88a62150b7dddd66d9c51b570716a162030d1d1a321fbf3be

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:50 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/ 2 KB
2 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1629390230815&cv=9&fst=1629390230815&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8i0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&tiba=Correio%20do%20Povo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e1c0661d4b74efd72318f79c002de1cc76ed6514c9d219d342099baee118def

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1046
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/ 2 KB
1 KB 40ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1629390230819&cv=9&fst=1629390230819&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&tiba=Correio%20do%20Povo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42afa3725e674ed4cadb6bbbc33fa3f60dd2fb1065c68e2b08f5c094e94622b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame 2765 0
426 B 91ms
31ms Document
text/html 74.125.206.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bid.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=KAE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.correiodopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUme01LKTuJvMaQJ_DNWHxJBNo_LWKV6rdL5Rkm8A125tDZWJuIX-sJ-zh_Ou_I
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.correiodopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 19 Aug 2021 16:23:50 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/ 2 KB
1 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1629390230823&cv=9&fst=1629390230823&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8i0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&tiba=Correio%20do%20Povo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea34352c2a52c885d1bb59269eb7aab152862d6a43e5f66265fecb1d06567073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/814785950/ 42 B
64 B 22ms
20ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/814785950/?random=1629390230815&cv=9&fst=1629388800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8i0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&tiba=Correio%20do%20Povo&async=1&fmt=3&is_vtc=1&random=3047380225&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/814785950/ 42 B
569 B 42ms
17ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/814785950/?random=1629390230815&cv=9&fst=1629388800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8i0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&tiba=Correio%20do%20Povo&async=1&fmt=3&is_vtc=1&random=3047380225&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/AW-931232517/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1629390230823&cv=9&fst=1629388800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8i0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&tiba=Correio%20do%20Povo&async=1&fmt=3&is_vtc=1&random=2525036471&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/AW-931232517/ 42 B
108 B 42ms
18ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1629390230823&cv=9&fst=1629388800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8i0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&tiba=Correio%20do%20Povo&async=1&fmt=3&is_vtc=1&random=2525036471&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/801247112/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801247112/?random=1629390230819&cv=9&fst=1629388800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&tiba=Correio%20do%20Povo&async=1&fmt=3&is_vtc=1&random=3890386708&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/801247112/ 42 B
108 B 39ms
18ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801247112/?random=1629390230819&cv=9&fst=1629388800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&ref=https%3A%2F%2Fwww.correiodopovo.com.br.admin-mcas.ms%2F&tiba=Correio%20do%20Povo&async=1&fmt=3&is_vtc=1&random=3890386708&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
tt-9964-3.seg.t.tailtarget.com/ 83 B
358 B 116ms
116ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=492449926
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 2bebc2faf58321d619ab516e11d6ae8e2420f0f8aa1e9e6cb3c674c398914185

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:51 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 tr
www.facebook.com/ 44 B
297 B 20ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 19 Aug 2021 16:23:51 GMT

GET
H2

200

doubleclick
cm.t.tailtarget.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm=&google_ula=862479430&google_tc=
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMrtME4JqJws20ixzAOVWWM&google_cver=1&google_ula=862479430,0

70 B
356 B

117ms
115ms

Image
image/png

34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMrtME4JqJws20ixzAOVWWM&google_cver=1&google_ula=862479430,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:51 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMrtME4JqJws20ixzAOVWWM&google_cver=1&google_ula=862479430,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
391 B 122ms
115ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=_zurich_zurich_ch_1629390230818_3114053485&tJ=CA15795,CA15771,CA17813&tQ=par-correiodopovo,r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007F96851E6177063B1C024ACA14&tX=b.52&tY=1&tZ=48545621
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:51 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
126 B 38ms
38ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/30_0_5/infra/cmTagSLIDER_INSTREAM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.correiodopovo.com.br
date: Thu, 19 Aug 2021 16:23:51 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 4 KB
3 KB 136ms
125ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=400&height=225&pubid=169497&tagid=953497&crid=5854945&noaop=3&sortOrderType=0&cb=1629390231527&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1263&pt=1590349392&tz=120&viewable=true&ddast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=2334045&dpubid=324075&abtst=206725b_vA!adh5c-1_vA!expl_vE!insc_vA!scec9_vB!spa2_vB!t45!ul96147-868_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.correiodopovo.com.br&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 285b398f1a2e39dafad0de11a19b6f2caddba9160ab6e82bd4dc7d079dcd71af

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:51 GMT
content-encoding: gzip
server: nginx
machineid: 1424
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.correiodopovo.com.br
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
link: <http://ads.stickyadstv.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dc_oe=ChMIsaWcyr-98gIVgvh3Ch3bRAD8EAEYACCp2v5I;met=1;&timestamp=1629390231668;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame EE3D 42 B
515 B 85ms
31ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsaWcyr-98gIVgvh3Ch3bRAD8EAEYACCp2v5I;met=1;&timestamp=1629390231668;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 12988193 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 72ms
71ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/12988193?_fw_gdpr=0&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: df4c7fe460b8bbfd0dfe38f9416082078c30caee02be65681bcc72a8c552106d

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:51 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1064
x-sticky-vk: 1629390231607044-333
Expires: Thu, 19 Aug 2021 16:23:51 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 41ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66292515&crid=5854945&dast=V753sCFgMl_2A1r-jjJgQl_2A1r-jjJgUAAAAGBjsHHLOcUWgbEnG5G62Wy8lmuFqslpPVcDWY7IbAMcsZhbYhEZe70Wq5nGyGo8ViNllNhrPVZgoOU3aaXJaDWiBrmlx-N4Sg6XT4XPd63e931_gtl5fTb_Ib_ra_XeN32yWWvxwAAAAAHgCyrMIhfgABACIAAAAAJAAAAAAoAir-LQQuAAAAADAADlSnNACeORTEbzq9nXafy-4PAICHAhAAAAEMEgCC-PUSgJHOrhMAAAAAAAAAAJb_____mIH5xRGZAXvtkB6ABx-AB6KCyiJGAAAAALmcr21HkzqhsqgCACBItwK4AgAI2PvKYT0OAwAAABAD5oDaz6xtBR9boIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4Ue2lA8j1xar-AAABrv4AAAGzjBgDwJgAXci9oOh0-171e9_vdNX7L5eX0m_yGv-1v1_jddonlrjC5nXa32uPw3NWev-gMajgcrSarQ4jFbjZYbBazAwAAALj7____xwPmgNrPrG0F1wOJ5W4487gmHudiN1osViPnZLYwbIybjce33E2W24MDoaRgGAmH63OYstPkshzUAlnT5PLbb8IWo9VkslkOZ8vFZDAcDUej_QngcoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDCy2ux2i8VsLfKNLGvRaGJzK0crl1u5cjkHg9Vktxtu1qLXx3RcDAcTw8aKB_NxOfe1CxcFAzL2IrhIJxq_5fJy-k1-w9_2t4glmpNFOpFd9o3lbjjzuCYe52I3WixWI-dktjBsjJuNx7fcTZb7ymqz2y0Ws7XIN7KsRaOJza0crVxu5crlHAxWk91uuFmLXh_TcTEcTAwbf2M2WW6Wg8lksG_MJsvNcjCZDPYdJtMz9Tkb1ZedyONSX63Z2zFmPihcBov3pT6dhwVjwTrtHJ0ul-lZ1Bn9fr_f7_f7_X6_36D1HMwGhe95-Aunj-W5HM5GD2KDQhFLBKeLdCL0u10WsUTytEgnooltZvFNJq7RyjMYzGwew2awMS1czsFkNBg5ZhOxRGm6SCd6ifqPDzFczRWr2VyxW80Vg-UqAQAAAAAAAAAsYcq8CQAAAMBpMJPRYLdaLkBEfLMusAgAAAAAAMAubDYGtB6XblZx48cN47dcXk6_yW_42_5WBpDgq2fe7Jkg1mq1rAEAAASwAQAAArh18xYQMskB!&cmcv=&pix=31579697&cb=1629390231766&uv=3005&tms=1629390231766&su=&abt=206725b_vA!adh5c-1_vA!expl_vE!insc_vA!scec9_vB!spa2_vB!t45!ul96147-868_vB&ru=https://www.correiodopovo.com.br.admin-mcas.ms/&ft=0&unm=SLIDER_INSTREAM&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 16:23:51 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame CD62 330 KB
112 KB 7ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.6.3/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 5837176a5be205c861565cdec44ff713ed7874620fd4b2967a59a0d184477a48

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1629390226.dop239.fr8.t,1629390231.cds008.fr8.shn,1629390231.cds008.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 113854

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame CD62 25 KB
25 KB 8ms
7ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1629390231811
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 16:23:51 GMT
Last-Modified: Thu, 01 Jul 2021 02:54:23 GMT
ETag: "1625108063"
X-HW: 1629390226.dop235.fr8.t,1629390231.cds143.fr8.shn,1629390231.cds143.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

ping_match.gif
pm.w55c.net/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=c727a279cab353b8ac6c382cbe74a2&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g023_6998177754567769403
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=YzcyN2EyNzljYWIzNTNiOGFjNmMzODJjYmU3NGEy&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_hm=YzcyN2EyNzljYWIzNTNiOGFjNmMzODJjYmU3NGEy&gdpr=0&gdpr_consent=&google_tc=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEM_XEzJp37XWDbuSCJviHRs&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=c06e0588-217b-403b-b447-bba1d5e85ca3
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%26gdpr%3D0%26gdpr_consent%3D%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1102610437234881370
https://pr-bh.ybp.yahoo.com/sync/stickyads/c727a279cab353b8ac6c382cbe74a2&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-RgZivnhE2oOLTYRVAZ0k5pxSvo0Xhl7MQvkiysfS~A
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=4251611e-8598-4b00-8c73-6127e09feb5e&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame CD62 301 B
863 B 40ms
39ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=12988193&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:51 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1629390231810040-538
Expires: Thu, 19 Aug 2021 16:23:51 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame CD62 67 B
722 B 43ms
42ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12988193&_fw_gdpr=0&_fw_us_privacy=1---&vav=db8f8e684e64c3fcf8cc0cfddc556b13&vaviv=e9fe76532274a939ac2347b14d7ae5c1&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.9.4&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.correiodopovo.com.br%2F%3F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:51 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.correiodopovo.com.br
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding
x-sticky-vk: 1629390231737073-588
Expires: Thu, 19 Aug 2021 16:23:51 GMT

GET user-matching
ads.stickyadstv.com/ Frame CD62 0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzcyN2EyNzljYWIzNTNiOGFjNmMzODJjYmU3NGEy&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzcyN2EyNzljYWIzNTNiOGFjNmMzODJjYmU3NGEy&gdpr=0&gdpr_consent=&google_tc=

170 B
188 B

58ms
28ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzcyN2EyNzljYWIzNTNiOGFjNmMzODJjYmU3NGEy&gdpr=0&gdpr_consent=&google_tc=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YzcyN2EyNzljYWIzNTNiOGFjNmMzODJjYmU3NGEy&gdpr=0&gdpr_consent=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 359
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET user-matching
ads.stickyadstv.com/ Frame CD62 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=c727a279cab353b8ac6c382cbe74a2&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

120ms
120ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=c727a279cab353b8ac6c382cbe74a2&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.correiodopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8E3QD1CPQDFY7X3WQJB1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 16:23:51 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=c727a279cab353b8ac6c382cbe74a2&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1629390231769073-418
Expires: Thu, 19 Aug 2021 16:23:51 GMT

GET
H3-29 200 dc_oe=ChMIsKWcyr-98gIVgvh3Ch3bRAD8EAEYACCp2v5I;met=1;&timestamp=1629390231979;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A39D 42 B
63 B 36ms
35ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsKWcyr-98gIVgvh3Ch3bRAD8EAEYACCp2v5I;met=1;&timestamp=1629390231979;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aff562fe9ab87004e5f33dc90a5569c7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 16:23:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMIsqWcyr-98gIVgvh3Ch3bRAD8EAEYACCp2v5I;met=1;&timestamp=1629390231998;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 46FF 42 B
63 B 43ms
29ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsqWcyr-98gIVgvh3Ch3bRAD8EAEYACCp2v5I;met=1;&timestamp=1629390231998;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS