urlscan.io logo urlscan.io
SecurityTrails logo

diariodonordeste.verdesmares.com.br Open in urlscan Pro
170.82.174.15  Public Scan

Go To Rescan Add Verdict Report
URL: https://diariodonordeste.verdesmares.com.br/
Submission: On January 06 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 12 countries across 64 domains to perform 419 HTTP transactions. The main IP is 170.82.174.15, located in São Paulo, Brazil and belongs to 3L CLOUD INTERNET SERVICES LTDA - EPP, BR. The main domain is diariodonordeste.verdesmares.com.br. The Cisco Umbrella rank of the primary domain is 129080.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 17th 2022. Valid for: a year.
This is the only time diariodonordeste.verdesmares.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
68 170.82.174.15 266444 (3L CLOUD ...)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 2001:4de0:ac1... 20446 (STACKPATH...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
13 2606:4700::68... 13335 (CLOUDFLAR...)
26 151.101.65.44 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 99.86.4.32 16509 (AMAZON-02)
22 2a00:1450:400... 15169 (GOOGLE)
1 151.101.194.207 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
2 5 2a02:2638::1c 44788 (ASN-CRITE...)
1 9 141.226.228.48 200478 (TABOOLA-AS)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:4f:1... 8075 (MICROSOFT...)
9 46.4.112.233 24940 (HETZNER-AS)
1 151.101.130.207 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
10 35 142.250.184.226 15169 (GOOGLE)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 212.82.100.182 34010 (YAHOO-IRD)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 2606:4700::68... 13335 (CLOUDFLAR...)
3 20.62.48.180 8075 (MICROSOFT...)
21 2a00:1450:400... 15169 (GOOGLE)
1 1 148.69.64.76 12353 (VODAFONE-...)
6 35.157.246.167 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 7 185.89.210.122 29990 (ASN-APPNEX)
2 54.73.139.57 16509 (AMAZON-02)
1 5 51.89.9.252 16276 (OVH)
2 2602:803:c004... 26667 (RUBICONPR...)
3 2a02:2638::24 44788 (ASN-CRITE...)
3 185.86.139.96 201081 (SMARTADSE...)
2 18.185.180.247 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 5.226.179.19 209242 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
24 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 35.190.0.66 15169 (GOOGLE)
4 4 54.93.225.243 16509 (AMAZON-02)
2 2 35.157.209.111 16509 (AMAZON-02)
2 2 37.157.6.233 198622 (ADFORM)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
3 3 213.19.147.45 3356 (LEVEL3)
1 141.226.224.32 200478 (TABOOLA-AS)
4 142.250.186.130 15169 (GOOGLE)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:206... 16509 (AMAZON-02)
2 2a02:2638::3 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
1 2.18.232.7 16625 (AKAMAI-AS)
1 2.18.69.48 16625 (AKAMAI-AS)
2 2 35.186.194.101 15169 (GOOGLE)
2 2 151.101.66.49 54113 (FASTLY)
1 135.125.160.77 16276 (OVH)
1 52.49.185.121 16509 (AMAZON-02)
1 104.111.217.14 16625 (AKAMAI-AS)
1 34.249.78.36 16509 (AMAZON-02)
2 2 52.17.115.124 16509 (AMAZON-02)
1 1 185.89.210.101 29990 (ASN-APPNEX)
2 15.197.193.217 16509 (AMAZON-02)
1 2 185.86.139.115 201081 (SMARTADSE...)
3 142.251.208.162 15169 (GOOGLE)
1 2.18.68.187 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
4 23.64.52.128 16625 (AKAMAI-AS)
2 4 69.173.144.165 26667 (RUBICONPR...)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 3 52.94.223.37 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 52.46.155.104 16509 (AMAZON-02)
2 2a02:2638::42 ()
1 54.76.69.248 ()
1 34.98.67.61 ()
1 2602:803:c004... ()
10 18.203.130.15 ()
1 96.16.132.239 ()
1 37.157.4.23 ()
2 2a00:1450:400... ()
419 83
68    170.82.174.15 (São Paulo, Brazil)

ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR)
diariodonordeste.verdesmares.com.br
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    2606:4700:e0::ac40:6c22 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pn.vg
cookies.pn.vg
2    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
13    2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
26    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
c2.taboola.com
widget.perfectmarket.com
trc.taboola.com
nr-events.taboola.com
images.taboola.com
4    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    99.86.4.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-32.fra6.r.cloudfront.net
sb.scorecardresearch.com
22    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    151.101.194.207 (United States)

ASN54113 (FASTLY, US)
sdk.mrf.io
4    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
sync.taboola.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)
576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
2    2620:1ec:4f:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
9    46.4.112.233 (Rostock, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy04.cl03.het.mrf.io
events.newsroom.bi
1    151.101.130.207 (United States)

ASN54113 (FASTLY, US)
flowcards.mrf.io
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2606:4700:20::681a:f79 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.premiumads.com.br
static.premiumads.com.br
35    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
pagead2.googlesyndication.com
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
3    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
22    2606:4700::6812:19f6 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
lp.cleverwebserver.com
call.cleverwebserver.com
3    20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e.clarity.ms
21    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    148.69.64.76 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com
sender.clevernt.com
6    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    2606:4700:10::6814:e180 (United States)

ASN13335 (CLOUDFLARENET, US)
id.navegg.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
7    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    54.73.139.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-139-57.eu-west-1.compute.amazonaws.com
ad.360yield.com
5    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
2    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    18.185.180.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-180-247.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
6    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    5.226.179.19 (United Kingdom)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
members.bet365.de
7    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
24    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
4    54.93.225.243 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-225-243.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.157.209.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-209-111.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
2    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2600:9000:206e:4a00:15:6513:6d40:21 (United States)

ASN16509 (AMAZON-02, US)
d27rf63iunghx1.cloudfront.net
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    2.18.69.48 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-69-48.deploy.static.akamaitechnologies.com
at.teads.tv
2    35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com
ad.sxp.smartclip.net
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
gu.dyntrk.com
1    52.49.185.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-185-121.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    104.111.217.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.249.78.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-78-36.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    52.17.115.124 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-115-124.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
3    142.251.208.162 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net
ade.googlesyndication.com
1    2.18.68.187 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-68-187.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    23.64.52.128 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-52-128.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a05:d018:d29:3605:c47f:b3fe:c8ab:fb9b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    2a02:2638::42 (None, )

ASN- ()
ssp-sync.criteo.com
1    54.76.69.248 (None, )

ASN- ()
match.prod.bidr.io
1    34.98.67.61 (None, )

ASN- ()
odr.mookie1.com
1    2602:803:c004:200::154 (None, )

ASN- ()
beacon-fra2.rubiconproject.com
10    18.203.130.15 (None, )

ASN- ()
s.update.rubiconproject.com
1    96.16.132.239 (None, )

ASN- ()
ad.yieldlab.net
1    37.157.4.23 (None, )

ASN- ()
cm.adform.net
2    2a00:1450:400d:803::200e (None, )

ASN- ()
www.youtube.com
Apex Domain
Subdomains		 Transfer
68 verdesmares.com.br
diariodonordeste.verdesmares.com.br — Cisco Umbrella Rank: 129080
2 MB
50 googlesyndication.com
576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
ade.googlesyndication.com — Cisco Umbrella Rank: 334
633 KB
50 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 395
357 KB
35 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1016
c2.taboola.com — Cisco Umbrella Rank: 11686
trc.taboola.com — Cisco Umbrella Rank: 842
trc-events.taboola.com — Cisco Umbrella Rank: 1350
nr-events.taboola.com — Cisco Umbrella Rank: 13497
am-trc-events.taboola.com — Cisco Umbrella Rank: 20433
images.taboola.com — Cisco Umbrella Rank: 1697
pips.taboola.com — Cisco Umbrella Rank: 1748
cds.taboola.com — Cisco Umbrella Rank: 1977
sync.taboola.com
601 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 716
eus.rubiconproject.com — Cisco Umbrella Rank: 832
pixel.rubiconproject.com — Cisco Umbrella Rank: 452
token.rubiconproject.com — Cisco Umbrella Rank: 858
beacon-fra2.rubiconproject.com
s.update.rubiconproject.com
92 KB
24 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 362
558 KB
22 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 28149
ui.cleverwebserver.com — Cisco Umbrella Rank: 29033
lp.cleverwebserver.com — Cisco Umbrella Rank: 59129
call.cleverwebserver.com — Cisco Umbrella Rank: 30302
204 KB
13 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 446
bidder.criteo.com — Cisco Umbrella Rank: 834
mug.criteo.com — Cisco Umbrella Rank: 1856
ssp-sync.criteo.com
11 KB
13 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 25343
usr.navdmp.com — Cisco Umbrella Rank: 30381
cdn.navdmp.com — Cisco Umbrella Rank: 8338
sync2.navdmp.com — Cisco Umbrella Rank: 51496
sync.navdmp.com — Cisco Umbrella Rank: 16372
8 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 318
secure.adnxs.com — Cisco Umbrella Rank: 670
acdn.adnxs.com — Cisco Umbrella Rank: 872
32 KB
9 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 10444
887 B
8 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1541
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1224
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 723
1 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1536
e.clarity.ms — Cisco Umbrella Rank: 11933
c.clarity.ms — Cisco Umbrella Rank: 2283
21 KB
7 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 330
143 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
314 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 977
s.amazon-adsystem.com — Cisco Umbrella Rank: 396
4 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
2 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
ajax.googleapis.com — Cisco Umbrella Rank: 520
100 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843
4 KB
5 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1916
sync.smartadserver.com — Cisco Umbrella Rank: 2229
3 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1025
1 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
region1.google-analytics.com — Cisco Umbrella Rank: 2124
40 KB
5 gstatic.com
fonts.gstatic.com
106 KB
4 cloudfront.net
d27rf63iunghx1.cloudfront.net
125 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 411
2 KB
4 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2763
mp.4dex.io — Cisco Umbrella Rank: 3019
26 KB
4 premiumads.com.br
tags.premiumads.com.br — Cisco Umbrella Rank: 203073
static.premiumads.com.br
157 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 5450
www.google.de — Cisco Umbrella Rank: 3658
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
223 KB
4 pn.vg
cdn.pn.vg — Cisco Umbrella Rank: 88335
cookies.pn.vg — Cisco Umbrella Rank: 112373
65 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 871
cm.adform.net
1 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 817
eb2.3lift.com — Cisco Umbrella Rank: 497
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 237
3 KB
2 youtube.com
www.youtube.com
63 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 456
529 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 301
2 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 918
603 B
2 smartclip.net
ad.sxp.smartclip.net — Cisco Umbrella Rank: 5776
397 B
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1583
at.teads.tv — Cisco Umbrella Rank: 5092
4 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 743
58 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 791
2 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 996
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 6134
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1147
r.turn.com — Cisco Umbrella Rank: 4328
869 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 796
363 B
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 13372
flowcards.mrf.io — Cisco Umbrella Rank: 13794
27 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 4005
29 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1163
5 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 943
37 KB
1 yieldlab.net
ad.yieldlab.net
525 B
1 mookie1.com
odr.mookie1.com
356 B
1 bidr.io
match.prod.bidr.io
433 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 840
706 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 803
338 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 807
227 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1114
1 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1681
394 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 444
554 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1675
573 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 11371
550 B
1 bet365.de
members.bet365.de — Cisco Umbrella Rank: 464569
1 KB
1 navegg.com
id.navegg.com — Cisco Umbrella Rank: 415792
303 B
1 clevernt.com
sender.clevernt.com — Cisco Umbrella Rank: 57620
274 B
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1380
609 B
419 64
Domain Requested by
68 diariodonordeste.verdesmares.com.br diariodonordeste.verdesmares.com.br
cdn.pn.vg
24 s0.2mdn.net diariodonordeste.verdesmares.com.br
s0.2mdn.net
23 pagead2.googlesyndication.com www.googletagservices.com
576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
s0.2mdn.net
diariodonordeste.verdesmares.com.br
22 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
diariodonordeste.verdesmares.com.br
tags.premiumads.com.br
576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
21 tpc.googlesyndication.com securepubads.g.doubleclick.net
diariodonordeste.verdesmares.com.br
576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
19 lp.cleverwebserver.com diariodonordeste.verdesmares.com.br
lp.cleverwebserver.com
19 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
10 s.update.rubiconproject.com diariodonordeste.verdesmares.com.br
s.update.rubiconproject.com
10 images.taboola.com diariodonordeste.verdesmares.com.br
9 events.newsroom.bi sdk.mrf.io
7 ib.adnxs.com 2 redirects tags.premiumads.com.br
googleads.g.doubleclick.net
acdn.adnxs.com
7 am-trc-events.taboola.com diariodonordeste.verdesmares.com.br
7 cdn.taboola.com diariodonordeste.verdesmares.com.br
cdn.taboola.com
7 cdn.ampproject.org diariodonordeste.verdesmares.com.br
securepubads.g.doubleclick.net
7 www.googletagservices.com diariodonordeste.verdesmares.com.br
securepubads.g.doubleclick.net
576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
s0.2mdn.net
6 c2shb.pubgw.yahoo.com tags.premiumads.com.br
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 onetag-sys.com 1 redirects tags.premiumads.com.br
576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
5 sync.navdmp.com diariodonordeste.verdesmares.com.br
5 gum.criteo.com 2 redirects cdn.taboola.com
static.criteo.net
5 fonts.gstatic.com fonts.googleapis.com
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 2 redirects
4 eus.rubiconproject.com tags.premiumads.com.br
eus.rubiconproject.com
576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
4 d27rf63iunghx1.cloudfront.net
4 googleads4.g.doubleclick.net diariodonordeste.verdesmares.com.br
4 x.bidswitch.net 4 redirects
4 googleads.g.doubleclick.net 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
diariodonordeste.verdesmares.com.br
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.googletagmanager.com diariodonordeste.verdesmares.com.br
www.googletagmanager.com
tags.premiumads.com.br
3 s.amazon-adsystem.com 2 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 ade.googlesyndication.com
3 mug.criteo.com
3 ajax.googleapis.com s0.2mdn.net
3 prg.smartadserver.com tags.premiumads.com.br
3 bidder.criteo.com tags.premiumads.com.br
static.criteo.net
3 e.clarity.ms www.clarity.ms
3 www.google.com diariodonordeste.verdesmares.com.br
576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 tags.premiumads.com.br www.googletagmanager.com
tags.premiumads.com.br
diariodonordeste.verdesmares.com.br
3 nr-events.taboola.com c2.taboola.com
diariodonordeste.verdesmares.com.br
3 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 trc.taboola.com cdn.taboola.com
tag.navdmp.com
3 sb.scorecardresearch.com cdn.taboola.com
diariodonordeste.verdesmares.com.br
3 tag.navdmp.com diariodonordeste.verdesmares.com.br
tag.navdmp.com
3 cdn.pn.vg diariodonordeste.verdesmares.com.br
cdn.pn.vg
3 fonts.googleapis.com diariodonordeste.verdesmares.com.br
securepubads.g.doubleclick.net
lp.cleverwebserver.com
2 www.youtube.com s0.2mdn.net
www.youtube.com
2 ssp-sync.criteo.com static.criteo.net
2 sync.smartadserver.com 1 redirects
2 match.adsrvr.org
2 dpm.demdex.net 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ad.sxp.smartclip.net 2 redirects
2 static.criteo.net tags.premiumads.com.br
static.criteo.net
2 c.clarity.ms 1 redirects
2 sync.1rx.io 2 redirects
2 image6.pubmatic.com 2 redirects
2 c1.adform.net 2 redirects
2 ads.creative-serving.com 2 redirects
2 mp.4dex.io tags.premiumads.com.br
2 tlx.3lift.com tags.premiumads.com.br
2 fastlane.rubiconproject.com tags.premiumads.com.br
2 ad.360yield.com tags.premiumads.com.br
2 script.4dex.io tags.premiumads.com.br
script.4dex.io
2 cdn.navdmp.com tag.navdmp.com
2 www.clarity.ms diariodonordeste.verdesmares.com.br
www.clarity.ms
2 usr.navdmp.com tag.navdmp.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 unpkg.com 1 redirects diariodonordeste.verdesmares.com.br
2 code.jquery.com diariodonordeste.verdesmares.com.br
1 cm.adform.net googleads.g.doubleclick.net
1 ad.yieldlab.net googleads.g.doubleclick.net
1 beacon-fra2.rubiconproject.com diariodonordeste.verdesmares.com.br
1 static.premiumads.com.br 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
1 sync.taboola.com 1 redirects
1 odr.mookie1.com
1 match.prod.bidr.io
1 px.ads.linkedin.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 eb2.3lift.com tags.premiumads.com.br
1 acdn.adnxs.com tags.premiumads.com.br
1 secure.adnxs.com 1 redirects
1 beacon.krxd.net tag.navdmp.com
1 tags.bluekai.com tag.navdmp.com
1 sync.crwdcntrl.net tag.navdmp.com
1 gu.dyntrk.com tag.navdmp.com
1 at.teads.tv a.teads.tv
1 a.teads.tv tags.premiumads.com.br
1 c.bing.com 1 redirects
1 cds.taboola.com cdn.taboola.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 r.turn.com 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 pips.taboola.com cdn.taboola.com
1 members.bet365.de lp.cleverwebserver.com
1 id.navegg.com tags.premiumads.com.br
1 call.cleverwebserver.com diariodonordeste.verdesmares.com.br
1 sender.clevernt.com 1 redirects
1 ui.cleverwebserver.com diariodonordeste.verdesmares.com.br
1 scripts.cleverwebserver.com diariodonordeste.verdesmares.com.br
1 www.google.de diariodonordeste.verdesmares.com.br
1 cms.analytics.yahoo.com diariodonordeste.verdesmares.com.br
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com diariodonordeste.verdesmares.com.br
1 stats.g.doubleclick.net www.google-analytics.com
1 flowcards.mrf.io diariodonordeste.verdesmares.com.br
1 region1.google-analytics.com www.googletagmanager.com
1 trc-events.taboola.com diariodonordeste.verdesmares.com.br
1 cookies.pn.vg cdn.pn.vg
1 sdk.mrf.io diariodonordeste.verdesmares.com.br
1 c2.taboola.com diariodonordeste.verdesmares.com.br
419 115
Subject Issuer Validity Valid
*.verdesmares.com.br
Go Daddy Secure Certificate Authority - G2		 2022-01-17 -
2023-01-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-31 -
2023-05-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-27 -
2023-10-29		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-12-30 -
2024-01-28		 a year crt.sh
sdk.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-23 -
2023-11-24		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2022-11-30 -
2023-02-28		 3 months crt.sh
flowcards.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-10-23 -
2023-11-24		 a year crt.sh
premiumads.com.br
Cloudflare Inc ECC CA-3		 2022-05-07 -
2023-05-07		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-01-03 -
2023-06-28		 6 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2022-09-06 -
2023-09-05		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.360yield.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
bet365.de
Cloudflare Inc ECC CA-3		 2022-12-13 -
2023-12-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
teads.tv
R3		 2023-01-05 -
2023-04-05		 3 months crt.sh
*.dyntrk.com
R3		 2022-12-20 -
2023-03-20		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-12-28 -
2024-01-26		 a year crt.sh
update.rubiconproject.com
R3		 2022-12-03 -
2023-03-03		 3 months crt.sh

This page contains 31 frames:

Primary Page: https://diariodonordeste.verdesmares.com.br/
Frame ID: FEADA63F04760C8A5910AE402943ED2F
Requests: 232 HTTP requests in this frame

Frame: https://cookies.pn.vg/cookie.html
Frame ID: ADD206E552EDDE66C2FE74ED57587D18
Requests: 1 HTTP requests in this frame

Frame: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3EFC95D1F3698B98E966838766D045C0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1nodFwO6oCGTSO5SCvxHJwSCqmz2elBU_rV9BrCvq8kVUbBQJ6qv0SOxkLn5bQLwPf8pIdi18y891lS70faoFwFr055urR-iLzrH5B_dICE65oAe3loZPxdAwBj0KoQNyogHgNwCQyM-0alTLj9ki6Oi6EzIBM95NsGUlyt4sIYwN5eQil1MpH4LdiWUci7ZEiZ9scXijaE-ve72Laq-JZ9U4FkpofwsOxe1MSezcAMSl4HnnIy6sXM26dOj6p0fb9_PQAoqgGzaC8MxFK-bkyJU1xtUGZdkWgpyH4BJm_hsATPeq427Jcy-EABAOBVar20hplllEepl6b8WI2J1KbBtTSRYMQNvS&sai=AMfl-YQcHM_0IeZw6nbUvmu70ig_TvgJx9s_FibBhsgSg-JRa_Q45slXpHrDg3K_MZIskGL44542NXsFZln60fLjRUtF4ptmXTX_kvSHJsp3p6w8d0AQETIdVQR0Pqp9_aRqNCdOa4VDzNShbvX47Y4EYA&sig=Cg0ArKJSzJmjxC1tjn-UEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F9899FA16750615E86063EF7CB91B102
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXwr_EJLDmzrtNdGyGqBQhUYSdR5KfDUGBKg9gRNpgLhwOWnlynm1ak4Azl4CCVk4OjlvMGuWSA82uMCqplkZhaO4oa6fcX6edniVYtLSmJ-vFzZgX9wFPOalTpx3GBp7Pcc7G8zM0I0nWX29lPi7MJZ-q6ssnrgL-v7FraleqIcK4B8EmN37SJYiqWLm5aITwUEg4e1ZA2VOm15oGFNLUO3kBeVhJSWl_x6yeDsCLK47fleep6ULOIxDMAKafnQJn903g8CLb2Drq4S8vL0hoZ6WVvVem48VbGW7zMtgCFxBE90LuK_NAwIoMSF7bOnKHr51HmIB9BA&sai=AMfl-YTE-4-Q7G4xNPMxpJ1KHiatkc4oGgxQErPe9jE6g0L1s7WAJom4KI76Go0s1OqzJxl9jYEJv7yhC5iLc-wHmtVF4kRkrz1vv7Kx-_56KhXn3jPDlmY0DOWO0wKrf2LyepVlBaf5GDMG9ImfACfY9Q0&sig=Cg0ArKJSzJeO7bJiiBHtEAE&uach_m=[UACH]&adurl=
Frame ID: 3E50B98CD050C726B5809183DBA6FBFB
Requests: 7 HTTP requests in this frame

Frame: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Frame ID: B7E00D8F8560BD26E45F5CE9CAC238FA
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 4175137FC1A27952A9B8388D2850407A
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJmxQFuMiIa72_HkwJoErtkecHfssC1JpgE2t5ejePPW5R0VI8iiwNStTAzK7FwmEOSfoRX9_0Hf357QfwUeNVX5SfSAPq8JaXy59g-Q89weclVGgLsHuv-tzIM_kgCpXcg3lDCTHnVS2hbWR827fHqu0Ar47C294MELeHzQoTPunztNZJyPKB1qcF-5RLhxoZY3velWTrD8C5qikTQ4_M7G3IQaGDVebKmv47cqM78y6c03wBBWq4652IaofZnzT0r9K1TQzuwJH5GFWFfw1RFRwFE7Qo_lXeQ1VyGLvJVl-VrFEpwRdULUJ5uH13vJ3cSmnX7fa3SxlbwA&sai=AMfl-YTQCzDIUsIt1zN2bU7hWYrqXur-9MawopXiftffsRKhVWYsklmNG0vxn8CCT1p2pHvZxxjvqN9MYbwk284zncV9zFh2P2ykBXyL2OeQtD9PK_5kWVLCacr1pVVyB-NG_eaZZ_8mfnOKRNufAtbBYq4&sig=Cg0ArKJSzNDwyCrtaxmjEAE&uach_m=[UACH]&adurl=
Frame ID: EEA1F3028C0BFA325061F6E8333B1D03
Requests: 7 HTTP requests in this frame

Frame: https://nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/report-page-structure?page.url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&view.id=156603587177440471&page.template=home&page.dashboard=home&ui=adcbf424-0e62-48f6-8d82-241f580b7dd4-tuctab19d68
Frame ID: 7B154BE72F239BB3D1835B166CD566A5
Requests: 1 HTTP requests in this frame

Frame: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01015691
Frame ID: AFD4A61E4892D86DB5325C30B1961306
Requests: 1 HTTP requests in this frame

Frame: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B108CEDFCB9906551F7323A3243F69E5
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_dTjwAEwAQ&v=APEucNVo9zRBjQF78HuF6WKsOM-ZHGf_ljdXF9euapk7T_KnGDkib0cRDYEx6AlZPhwTfIN1XdNnO-FInqO8DyVyTolUH7-BdnO_NxtRuJxdcZJf2r4LqInahl8JC7XOEdyMkIn1mDof3xtzbsGLn6bpbVPBSC5PwXCz548KPQ-rz9S8p_D9WzE
Frame ID: 169B69226A479F07939EC5306BD0A91C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B267DED8EEADC84DFB9B2040E51C7D41
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DB9C8D8FC38F06FFBAE010DB6DD9FB3D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4169285169137119543/index.html?e=69&leftOffset=0&topOffset=0&c=JkG2bLbnI2&t=1&renderingType=2&ev=01_247
Frame ID: 682270083D1FA115C46EEFEB90203232
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Frame ID: 22DE41B22FD0A2909AB7508A3A529CB8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BDF44C54984A1B394DEB1D9E12669B43
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F0594AA2A620CC1C3BB305DFEB24FF6E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=diariodonordeste.verdesmares.com.br
Frame ID: DE5AEA05304E6EC1086DA4DE2DDCFA6C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A8EA0FBF1D046F7974609995A96BF79C
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1673009129541
Frame ID: 4D8B61DC7751FED8C7BD04360CFAD130
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: D9A4AED6605704BE2B101FF5F0FD4388
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EBFACAC929A5D86BAD47EFE1571FEBBA
Requests: 10 HTTP requests in this frame

Frame: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7EB5509691337B13BA554A3DB084EA2D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIY-MaJDDAB&v=APEucNUU_V7daTvAE4L-ybvF8pEz2nXU8UquLvZ36wSZm5OlE_JhRpCVrDa_gUlW0FEKXjx2i8EVb5myZllbrG9bgTXH2lW8JZwVdXR3WmBNzi8qrFjXgrsMUuHJeGdSRsFy3FrQ4a_5fgPZ-KZw4W8Aw6MFWAhjI7Gxp_WwyE0WKcdWT_btgyc
Frame ID: F3F2E0CDD4E0F186A1CCD572D65C80C9
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfKMng5gnN7gr1-iWPqhV6L2A9S2inciOnkFYYxrOJXwYqY8w9qzyHxLEkMCfB5NUlu-gePOrtt0_j9RFowf_dEbpfGEVEP62a9Zv6rG42hNnebYt-SLLUA4cnpKaQDy_PCHBdOg6tTVCAOAt_neVSpwRhVXcgEf2b6YuRTMdVwrpjvzQ&dbm_d=AKAmf-ALfsh8x9NbJl4jhlnL4W_crZUMUDGPR66ekD6F6Xjw5dnlWVlvLKHeOpXyuNNvuMyFRD-tnAynm7t2wsMLerKBDppsIWU6o21cYJxclsT0siV3H8Jg1sKORpdD2miG7vTuBdpiKgiGmKFFfJ_M4ka8jbDtC7DbZM6NfebTLDaHC_mEcRot4kNYsrsVVFXhAQ0OQl3M5r1cnHgUO-si3mHqhNLvukg_o1hILkI0NJKc90ILVDSURCyrDEwS3c56eucNviiblsIpYQhitlcP9ydLKfbOFzD2drNdH4RE1bYryXwa7XIn-PJQCS-9pQdnqnzjATo--2h-5pRBQU79vb1jRPp34i6FIz6-E6HKyXDeD30E59XmqwacnM7GEcr0lhaBeC0fPMQpwJzu2hjE_BMvXUQv31knS1Z-70nCMw_fNQRkTBwBhGXJsvJLlBz4Yx9C-Y3nt324yGOUdpwOg0q35GxV4Kvc3fINFYCaaved__VvXa57tberhf5LCG6ujbc7T6GnRHDybAWVx_OapDkM6Phh6a2wIuSqW1Q_qTC3uoGDicYRxb9J6PF2id2FNJ43F0ZZC8dEFss0ieyvyW_OlaE9AGU8KGDkuFeJHTp4U_4GnvO1CQgCKvD3dFUz5uElzqlTfb3L6wXJoUNWp2NI-WI1CuId_gfDghHY5-PZe1UCLdL9lIaZ47kLlJo2CCaPTXouRuNXzVl3Znfln81YpaUdhoBUmhAk0w2E5K8neUHLkma1X4c3OaxQqtg28RjG-Rg8I_aE_bw_yJugsE73JOgtwmmqaCouQzz28LTMrHLyIGdM_6BW4dkfwofmqJ6ZUNK9xUN2UeJ3ap-hnHeAgtfLAV7-G8ROd6afygFMW1QPdnhAY0a6dMibmEBQkRi-KacGLW_px0qGQ0TksQuXnwampECuLbJVXBJ_SDgG2a9fgXpN4CWkfFku3UJpTwifQxAZVrn73v6ht32NidPunWrKFl1_sJtiNI3GmRW5TvyqYwz1aFg4FZoOn59mtglReTr6AmrGqKWZJzLcQ5W4U_1Y3AGDHN-i-xyx65SVEFHEzz3JLKxLwtBY_ZHbr2Z5VreW04Mbusu6lHXLhrdjjzhj_xAAs-xCvxjrO_np6ZGzR1RwPCo8XpLzFoa-7f6GH74tEJhYNar8FPeNFQ4u0H5987nblx7Eb4I23huFIyIFyn4t0-zpZ2-v3lRjIFgJTn7LMyB3ZI0gkYsuBSrM7qnOaOJbRK20FLITkOdTLOyHT1Z6lQN5utU431DkxTmrlYuUUarzOwtK1_ZhsiSnd4CCBTwlgbEQveIKmg7DSapOjvLLJFVl7sfFEDW16EF9jGg1m5vMgCPTB8wstzJN3IEcAp9mQadhGZChCCF-FSAEfU7w5PqLCYljt-XkMEn_tFLpOKnFgIutN-qAv0hJWiDf3sWeSETDeupFlhqNXhsndetp-iXJmOnW75VSwBAxpdP1dPSBkPCcDPF-nKGABjKQ8zqq3a_U3GdoqiMA6gY_3pxjGQfotocb2p4jiymRVdVkbESzmWjkhf0zttdZEkURjywjR3fFupEyTbv2m-yrBPF1eIGMB5zZ-EhjStTAeMd8d45ANv_4Q2cqcIcgy83qQVUcA8i9SLqYsZSwvwELFR0khcNEhPnu0HRXuXZJfYCQH08xY72rl5gDjmL-c5tADYC94ugNChV7z9ZnJoLWM-Vx-m6ZN0vl-oUdTN6e2cUCwHJyDI4yKlD4OjsYeFvGMffxdQ6CXMbEI1utQpq2iMBLygRtem0uanA_vFznEZAEQ-sQ8PbpMBKCqphBYouNGg9at-RgYurPwru7_Bm_tc2lKPfrxFzBsWkfAGERL041DlFfHnR8NWTgD4I2Py6wxftXqwpYZOODwVb9SoQJPNwgF3Sv94o89CWcr3Gjrr_uhyUy7jwZAQOd_6fDBw8UOabcQX_8WT8QQ6ignNYzISp-Cxj7XSXMf6gKl1uCLCaz-17ujckKDpURovNqoXNJLfY1LRqiPYIXisUqqsOzrrcsnoIhWzxbZbLReuNimKyggPUGuyjWCOYXwMeNFg3czKmsmYeu0GmNH5G3bJiZIi_L__xDlKxeG-t8_-MF_EcJvKX7ibEtOTmUCNZTUDMEjeMWiBFo-atQu8yZS-BsYzrtwIpHRWGnESBnpkN_Mc5Io3lLBQSQJYs_wxXnKbpTR3scZzN-L7XceCe2vqexHeqbxyYGIbwOquLGPwkIFQseY4Kj0Gqz6N5ZJkkZggwMSJxzOruIWezq-ptr5YPpyj1UB9crAoMccIF-MLzLamYRTSS3FJNkUtzcF_Q5lVlBEgxQQwqDQ9FDEdczd_B7r_WduSqu_c0I1wVxVhGqJdcn2yeo8Zn0QmqCa4jWbxbSuCDG1uzDsWhl8deOsISDp26Ijt2YpBWgnQ1bexvdpJvpsg4RU1z2cpB5CWOovGXhstaSwZRwu0Wau1ag7MtoOl6Yzs0D-SzrdNJNF5Ofkwp34ejNhBgjOJAvf6TH41PUyT_cSo6g1om0rJD-2O7OR-hSDVof1rbO6dpzdjxn6Tugv4UhjnE683RoVjiEUiss_7VQoadV3A6i-wawSQhFptKjfA1J82TH0PC_-6bM42q5f5oYylEcnRO8oP_LJkVkKZ9CUFoQ-bkZeb9riSQi-yd5zBR0ahWec34XliXORhF1oTeAhnaFI0vMPADk-vJsjBe6InbKSSYeUMaJHbVE_zJKXtzRnZxlQyBsZtCiaHcOS1JR283x2MsXmq2LNaobxpQ1aPUvGOBhNPSgtr5LfJCloWUmJfu2cR-UYLjo86z4X1Y--LCsazacvF9a4eKqUG1QAFafT_ORZ0-nxCZjzxl3kuIgEKNo2ZNmUi69BW8bfO-Rl7NhPPKQ9DoIblHB_6_FfO1pi4bG0S43ox5jh6fCQIhVSyeABp6yEHe8s5S15ldCk7-4pl0X3DlS2RkWfxd29Vx7iB1XzKfK3WRpxGju5XMCQdfA2z8G4Irz1rJIfIpKLcshYilv3pVCRvKecEKSrpbHJE5BCC6trp_5WEeOjbMI5ltqVHIEoSkIe9cvHQqxbFQ_SVHN7WAEZKlRriVan1wjBoxWKJZAQ6MWWiWOAkhjSoiQw0v7q4BixOS5BJ4cXP1vC_GXbAaLbmGSvWYYLBJ43Cee7bG2BhbqEeliuRUbU-HoF2-nT9hyldJ2fQmcErfJCHx-YztBFmEYzLKL0GIV7e0hJvakXbcY91lYWA24xVkxqG6TjH064jiEXcwpLvuhk4s0g5YWPtFSNTwS5PU2htv9vFno_HfZFXJpDB3GDOwgWreW64IUpvbryFF46IpChl-tzQ7ZHF12qAgnEY8HNC0nVAvsWitPRyw&pr=8:585A890D41A48F2B&cid=CAQSKQDq26N9_qjwslt3RwNKLXWXb3QR3Cw83b3Zzm8Rabo89E2oAzu33lBNGAEgCg&rfl=2%2Chttps%253A%252F%252Fdiariodonordeste.verdesmares.com.br%252F%240
Frame ID: 0FBFF0DAB51C5DE5E84ACE0130372605
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 6461ADD3C4184655561AE971ABF643B7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1742A9C45AF369FFF9D1E2FE204DD968
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
Frame ID: 539CE89C9DB92A20FA45FAAAFB55D765
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Frame ID: 0000CE7BAED4C65AAD1E5FA9AFAE8B29
Requests: 1 HTTP requests in this frame

Frame: blob://https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/21d680ce-34c0-48c6-b6e8-f52996d91c20
Frame ID: 6B4F23B4684CF896300B07ECC29B0224
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Diário do Nordeste - Últimas notícias de Fortaleza, Ceará, Brasil Group 3Group 3Group 3Group 3

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

419
Requests

91 %
HTTPS

43 %
IPv6

64
Domains

115
Subdomains

83
IPs

12
Countries

6377 kB
Transfer

12714 kB
Size

77
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://unpkg.com/swiper@8/swiper-bundle.min.css HTTP 302
  • https://unpkg.com/swiper@8.4.5/swiper-bundle.min.css
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=77442649983 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=77442649983&google_tc= HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=77442649983&google_gid=CAESEA2AD6Sv9ztgvxCw8CeQUV4&google_cver=1
Request Chain 119
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=f35863b8-17e8-4400-bd53-430fe51e69b6
Request Chain 165
  • https://sender.clevernt.com/transporter/49109.php?id=503466&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&ruri=&r=235400789&tok=33419711310201791433&t=1673009129&cmpId=&fb=0&wl=1&iv=-1&ctr=DE&sz=1200&landing=1&hei=360px&ts=0.103 HTTP 302
  • https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJg1L20RG10nejhEA76Ax_I&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJg1L20RG10nejhEA76Ax_I&google_cver=1&C=1
Request Chain 252
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7gX65.VOzvPIrUKNU0PegAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJg1L20RG10nejhEA76Ax_I&google_cver=1&google_hm=2
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDuZx0U716RuqUM3Tj13ciw&google_cver=1
Request Chain 254
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE1ODE5MTkyNDU0MjIzODg2OQ%3D%3D
Request Chain 264
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEJhqS8EV_CIR7im-YIcnZk&google_cver=1&google_push=AavPq0NUhlt94a9d-27wuDW67g2poD2ih_5O5rs8cNBetpuG3NNeyBkBSdH0YFNhyKnEGCNUxkRlO08RZM8Baxzy9z5unskE8ig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODczNDAwMTg5ODUyODMyNzgwMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEJhqS8EV_CIR7im-YIcnZk&google_cver=1
Request Chain 265
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOJ5utIFn-0HmNEtBM2Beic&google_cver=1&google_push=AavPq0MfkTh_9sln4x_qUK5RYkvW78MRJXmSmxFL45853UV0oC8vPW4rrJwIHzRTY3cggmtWddOkMx15Hz9G1eqWdZAreZZpTQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=HIeappVTToeAIIOh90Engw2&google_push=AavPq0MfkTh_9sln4x_qUK5RYkvW78MRJXmSmxFL45853UV0oC8vPW4rrJwIHzRTY3cggmtWddOkMx15Hz9G1eqWdZAreZZpTQ
Request Chain 266
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP0K6qbAC0WQUJEC0IiNEJo&google_cver=1&google_push=AavPq0OMVhgblbJqe8zCEA56v2nfkaQ7dg3Pl8dmWsZT0CCPiBhXhdFV9T_CaIlOlwENDEycy0eUZ9a_MPw_Djj0QkyEKhM6HOE HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEP0K6qbAC0WQUJEC0IiNEJo&google_cver=1&google_push=AavPq0OMVhgblbJqe8zCEA56v2nfkaQ7dg3Pl8dmWsZT0CCPiBhXhdFV9T_CaIlOlwENDEycy0eUZ9a_MPw_Djj0QkyEKhM6HOE HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=a18ac6ae-7789-4f67-810c-b4f2049570cf HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=a18ac6ae-7789-4f67-810c-b4f2049570cf HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=1dc162b1-81d4-4eac-8b52-497c1111006a&ssp=google&expires=30&user_group=5&bsw_param=a18ac6ae-7789-4f67-810c-b4f2049570cf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OMVhgblbJqe8zCEA56v2nfkaQ7dg3Pl8dmWsZT0CCPiBhXhdFV9T_CaIlOlwENDEycy0eUZ9a_MPw_Djj0QkyEKhM6HOE&google_hm=oYrGrneJT2eBDLTyBJVwzw==
Request Chain 267
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEENd1eMSPHg1gJVTNLgZjR4&google_cver=1&google_push=AavPq0NG4_mQUfQ-Yu7BkZEu3_w9JyxELPIdjmS1un7G12P4a7CCLkAxrySZc9yFct1oonu67cKbSKeugJFMZiABHtDObhSDl6w HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEENd1eMSPHg1gJVTNLgZjR4&google_cver=1&google_push=AavPq0NG4_mQUfQ-Yu7BkZEu3_w9JyxELPIdjmS1un7G12P4a7CCLkAxrySZc9yFct1oonu67cKbSKeugJFMZiABHtDObhSDl6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU4NzM3OTIxNDgxODQ0ODc5Mw&google_push=AavPq0NG4_mQUfQ-Yu7BkZEu3_w9JyxELPIdjmS1un7G12P4a7CCLkAxrySZc9yFct1oonu67cKbSKeugJFMZiABHtDObhSDl6w
Request Chain 268
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHb76crz1-3RJdp32fS6kUA&google_cver=1&google_push=AavPq0OXzPCkYf84Rr35vMCQAztE_7MBbJRCheJT3e3RcSgwPZ0DvLwaPc3ZJUkPpcCCWk_DWth9EDy5Eld7cNF1_7_awFYzpRE HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHb76crz1-3RJdp32fS6kUA&google_cver=1&google_push=AavPq0OXzPCkYf84Rr35vMCQAztE_7MBbJRCheJT3e3RcSgwPZ0DvLwaPc3ZJUkPpcCCWk_DWth9EDy5Eld7cNF1_7_awFYzpRE&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kfyb_D9iQGSIidJOmbJW6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0OXzPCkYf84Rr35vMCQAztE_7MBbJRCheJT3e3RcSgwPZ0DvLwaPc3ZJUkPpcCCWk_DWth9EDy5Eld7cNF1_7_awFYzpRE
Request Chain 269
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEHTn5FSXBQyf22UloGIAUfo&google_cver=1&google_push=AavPq0PzeygUAS3EWK-M87ETj0Ah2taLvkcmO3XfY7Z6pxmU7yYr7pXUbLxUp3UNHYi-Rn6f-9iQzA3FOIDBSmeymZGMfXjLI5w HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0PzeygUAS3EWK-M87ETj0Ah2taLvkcmO3XfY7Z6pxmU7yYr7pXUbLxUp3UNHYi-Rn6f-9iQzA3FOIDBSmeymZGMfXjLI5w&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1673009131218 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-31e3928e-405e-45a6-a649-2fb9974c4e2c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0PzeygUAS3EWK-M87ETj0Ah2taLvkcmO3XfY7Z6pxmU7yYr7pXUbLxUp3UNHYi-Rn6f-9iQzA3FOIDBSmeymZGMfXjLI5w%26google_hm%3DAzHjko5AXkWmpkkvuZdMTiw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PzeygUAS3EWK-M87ETj0Ah2taLvkcmO3XfY7Z6pxmU7yYr7pXUbLxUp3UNHYi-Rn6f-9iQzA3FOIDBSmeymZGMfXjLI5w&google_hm=AzHjko5AXkWmpkkvuZdMTiw
Request Chain 270
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKD-v4oosQKTGz4SKJAfQhA&google_cver=1&google_push=AavPq0O8x2tsp_g-7nqY2u7cDOGBumPS4Gc89OptDSSiSZfkQgp-gblThcMPLhQvUdfcuWYOwUWO4-D8Ju0QVf4npCouNE3hzAqQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0O8x2tsp_g-7nqY2u7cDOGBumPS4Gc89OptDSSiSZfkQgp-gblThcMPLhQvUdfcuWYOwUWO4-D8Ju0QVf4npCouNE3hzAqQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 283
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=AAB901C007F44A67B586C282F1917E6F&RedC=c.clarity.ms&MXFR=38A9455BC85B6F153DF357CACC5B6129 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=AAB901C007F44A67B586C282F1917E6F&MUID=00428D9D6F3F674B33029F0C6EB46624
Request Chain 304
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=verdesmares.com.br&sn=ChromeSyncframe&so=0&topUrl=diariodonordeste.verdesmares.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=f3vBR3xmR01wTG9TQlAyVVlGT1RsUEQwQ0VQYWp1bTJHZW8xQjZBN3k3Sm1iRWFvM3ZRaGM3K01uK0RlNE9lRS80d25MQmY4a1Q1bUZMMVNBTnRXMTRueW51alZ1N0lyTjZ6SmE5bjNNMU16UVRaWllZUjVBdWNIbzdnbytGY0xKelduMm45L08rTmE2VG9yeDZic3o4ekRkRjFQOTc5a1FORUtYYURSWEk0aGxZYWc4NDJqc2xTMmxIMnVQVXhVbjVJdmFPTzNaQm05RmJmZmMySUIxM25FUzB1alBkRXN5WUVzQTZYS3FMSWlubEtwRVlheUNjdUJQRGtRYjNsVnE5cWNCZG9ySDliRnhEZm4rLzhXSmh2cFgyMjcwa2M1UG1Odjd5NXFvTUoyVktUcz18&cppv=2
Request Chain 311
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=75 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1 HTTP 302
  • https://sync.navdmp.com/sync?prtid=25&sclid=accc09dc-ee17-b863-7187-8edb5b5fdab6
Request Chain 312
  • https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=Y7gX7gAJr0HIjwAp HTTP 302
  • https://sync.navdmp.com/sync?prtid=17&tubid=Y7gX7gAJr0HIjwAp&_test=Y7gX7gAJr0HIjwAp
Request Chain 318
  • https://dpm.demdex.net/ibs:dpid=822&dpuuid=77442649983&redir=https%3A//sync.navdmp.com/sync%3Fid%3D77442649983%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=77442649983&redir=https%3A//sync.navdmp.com/sync%3Fid%3D77442649983%26adID%3D%24%7BDD_UUID%7D%26img%3D1 HTTP 302
  • https://sync.navdmp.com/sync?id=77442649983&adID=25220870053022464214558780979632426501&img=1
Request Chain 319
  • https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1 HTTP 302
  • https://sync.navdmp.com/sync?appNx=4158191924542238869&img=1
Request Chain 321
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
Request Chain 324
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&domain=diariodonordeste.verdesmares.com.br&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=j3Z39XwxV2JWM0ZsQXBLV1pMRy9IQ0tkU3hCOS9RZ2ZUZzd1SlFWZldSdE0wNE5HY21wa1R6Z3pHUU9kQjBFS1N4WlJadmxmM1h0Ym04a2k5aXI2YU4xMjBVaGttbkUwR0pQclIvWUp3M1h4SmU2ZmdUUEJVaVVBOVdLTkZrKzhTUUJXSE1qdGJWK0tRTnFFSVl0QnNNQm40N0dIZjNjOFBCUnJISnZ4VldPMWhBNm1mREhQZ1M5dXA5V0lCb25YN3ZFckI5UGdMOGt1TUZaNzduUWFOZW5pcnVLelhBTTRQd1RrWFRva2lKbnFWRW5OMERqRlh3bXVBN25QcDBXbGptek1VdkRzZzgwbGlpSFRybGsxU3oxdDVHWkNrV1MvR2h3UGYxbTdVMU5NRitSVWJqM3MyVjhnc2MzbXdpbk5rZmlLR3w&cppv=2
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDwWRRKWzghVKQYv4v7HhE8&google_cver=1
Request Chain 334
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENLSUZVNFctMTgtMUJKSA==
Request Chain 336
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XD6x-noULzW8RFsdfa-Xssn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NxDzq9ZE2oJKypVElaqf5cxsf9dMZLPI4URuCw--~A
Request Chain 337
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=o4W_-HI_RnuwIKgzEET3rg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=o4W_-HI_RnuwIKgzEET3rg
Request Chain 338
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCKIFU4W-18-1BJH
Request Chain 339
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzZlZjlkNGI2MjRjZjE0YTgwMGQ0ZjcyYjBjZmUyYmFkODhhMDhlZQ
Request Chain 340
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GGsSp19vRMqhKkEJGLHPPA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GGsSp19vRMqhKkEJGLHPPA
Request Chain 363
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=Nz5RG19qMSUyQlE0VWtHb1RGczlRZzRTdWN6YjJVM055VHZzOUJwT29jY0lqRUlGU1UlM0Q&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id=k-dLbpNKIe7Z8ISyKz66OEDQOD1oqr521vbAGFGQ HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a18ac6ae-7789-4f67-810c-b4f2049570cf&ssp=criteo&gdpr=false&gdpr_consent=
Request Chain 364
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dBCxEK19uSm5nUDVGb1ZZS1ZQWm1NMUw5RXBkYUpMbEF3QVdpRjFUR2tFOUU0WHRjJTNE%26u%3d%3cTUID%3e&gdpr=false&consent=&ccpa= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=BCxEK19uSm5nUDVGb1ZZS1ZQWm1NMUw5RXBkYUpMbEF3QVdpRjFUR2tFOUU0WHRjJTNE&u=b8d7e218-1be3-43bf-b7b6-a02ee7c1a549-tuctab19d8b
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEB3skE4kFhquBsLX4OCeQpc&google_cver=1
Request Chain 379
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHu4V3zNjDkBE1UJPzlyjeU&google_cver=1&adform_v=1

419 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
diariodonordeste.verdesmares.com.br/ 		504 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
635db4552eb1469b2e327a3eb840eafb50933695f995f7a682afe380d96d551e
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
content-encoding
br
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
content-type
text/html;charset=utf-8
date
Fri, 06 Jan 2023 12:45:26 GMT
server
gocache
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
MISS
x-cacheable
NO
x-frame-options
SAMEORIGIN ALLOW-FROM http://polopoly.verdesmares.com.br
x-gocache-cachestatus
HIT
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Jan 2023 12:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 12:13:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Jan 2023 12:45:26 GMT
base.css
diariodonordeste.verdesmares.com.br/static/assets/styles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/assets/styles/base.css?v=1.0.39
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
9a911782a9d1a53c1c90b440beed750584f83620bef4d1c97de328a8fa472b47
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
last-modified
Fri, 10 Jun 2022 09:09:20 GMT
x-cacheable
NO
server
gocache
age
0
etag
W/"2403-1654852160000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
MISS
content-type
text/css
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:26 GMT
components.css
diariodonordeste.verdesmares.com.br/static/assets/styles/ 		119 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/assets/styles/components.css?v=1.0.39
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
a0e1b81ee14a9c3432248f962ca11f3d939f6066c4eafb15a61680e7b406aa18
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
last-modified
Fri, 10 Jun 2022 09:09:20 GMT
x-cacheable
NO
server
gocache
age
0
etag
W/"121759-1654852160000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
MISS
content-type
text/css
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:26 GMT
light.css
diariodonordeste.verdesmares.com.br/static/assets/styles/themes/ 		334 B
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/assets/styles/themes/light.css?v=1.0.39
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
52a29b757bfaf927dcb60fc3ed65d05560152bdc2b12227e5c53344237d1bed3
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
last-modified
Fri, 10 Jun 2022 09:09:20 GMT
x-cacheable
NO
server
gocache
age
0
etag
W/"334-1654852160000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
MISS
content-type
text/css
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:26 GMT
diario.css
diariodonordeste.verdesmares.com.br/static/assets/styles/themes/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/assets/styles/themes/diario.css?v=1.0.39
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
38fc116785ae25f52631e992255d5c67cc26dc621e998e6301b9b66ad48435e2
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
last-modified
Fri, 10 Jun 2022 09:09:20 GMT
x-cacheable
NO
server
gocache
age
0
etag
W/"14542-1654852160000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
MISS
content-type
text/css
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:26 GMT
main.css
diariodonordeste.verdesmares.com.br/static/morpheus-web/static/styles/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/morpheus-web/static/styles/main.css?v=1.20.7
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
b136c61bf36c1dc4e5d5bcd88dc24126c1b0eb00056d6a768d76ade0062855fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
last-modified
Wed, 04 Jan 2023 05:16:34 GMT
x-cacheable
NO
server
gocache
age
0
etag
W/"43181-1672809394000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
MISS
content-type
text/css
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:26 GMT
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1d6e8daddba62809bcd91dcf7b3109469da7129bb81033b9d1899f232770168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27576
x-xss-protection
0
server
sffe
etag
"1443 / 167 of 1000 / last-modified: 1673006750"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 06 Jan 2023 12:45:27 GMT
p_googletag.js
diariodonordeste.verdesmares.com.br/static/assets/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/assets/scripts/p_googletag.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
f099ab2b067e69ce7aec7316818cd1847e4bf80ecc9b3efa0cc9b4fa3d1e88d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:26 GMT
x-cache-rule
YES with ttl: 3600.000 /static/assets/scripts/p_googletag.js
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 10 Jun 2022 09:09:20 GMT
server
gocache
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age
1307
etag
W/"2534-1654852160000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
HIT
content-type
application/javascript
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:26 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86d85c2fb6c3aef61be2e092f1a809839065e73f948db805ad92eb5eaea8fac8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 06 Jan 2023 12:45:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31976
x-xss-protection
0
server
sffe
etag
"e8e1d0567eb4b7ef"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Jan 2023 12:45:27 GMT
187307e1-8c37-4991-9aaa-71c2299dcc50.js
cdn.pn.vg/sites/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/sites/187307e1-8c37-4991-9aaa-71c2299dcc50.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86bcd335eb476f5e6caf27b16532055d27e9737dcc397fc001df967fe1eede71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
age
4419
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Jan 2023 18:35:33 GMT
server
cloudflare
etag
W/"714b2223aa6c68bdc47974a0ad8f5ba9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udXaaeMsIyxlEIjYZa4VD8BKFHoDW2S2ZpIjEpbsqGjVXWKtoSePn1ZbEWJ1AJZ1%2FE4zhdiFFqfiNwrUOIFqbYYEmuCFDzt2kMcyuMrqFNe4BzxGB%2Bdet0pm6d3Lsp5WzkF5WK0XHsw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
78548d062a07914d-FRA
x-amz-cf-id
BV6tgVtiEYBRgxvo7qOr9ZZ6NUUhlkjs-DbcK3ZwUbYhwP5OYsC19w==
alexandre%20mota.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949537:1632956151/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2949537:1632956151/alexandre%20mota.jpg?f=1x1&$p$f=8232c5b
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
50e2046d98598eb3d15933fe759244180923a6a97926ba2a4ae0497c3eaf1af5
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
3294
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
800
x-original-image-height
1200
x-rendered-image-height
592
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.2949537:1632956151/alexandre%20mota.jpg?f=1x1&$p$f=8232c5b
server
gocache
etag
"policy:1.2949537:1632956151"
x-rendered-image-width
592
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
ARTM_SAMUEL2.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3141983:1632934010/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3141983:1632934010/ARTM_SAMUEL2.jpg?f=1x1&$p$f=95f247f
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
e2897f072ab49817b55117d5814ee2ecfa2e1d08c6eb704c6ba5a6a7ccade055
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
optimized
age
816
x-gocache-cachestatus
REVALIDATED, EXPIRED
x-cache
HIT
x-original-image-width
1134
x-original-image-height
975
x-rendered-image-height
975
content-length
72112
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3141983:1632934010/ARTM_SAMUEL2.jpg?f=1x1&$p$f=95f247f
server
gocache
etag
"policy:1.3141983:1632934010"
x-rendered-image-width
975
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 12:45:27 GMT
Victor_2_Easy-Resize.com.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3256523:1658161357/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3256523:1658161357/Victor_2_Easy-Resize.com.jpg?f=1x1&$p$f=b664d85
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
964565e96eba3653f3f34e6cab49ebb69a7e628e6f376d0b3995048e60d4c264
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
1978
x-gocache-cachestatus
REVALIDATED, EXPIRED
x-cache
HIT
x-original-image-width
1155
x-original-image-height
1280
x-rendered-image-height
816
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3256523:1658161357/Victor_2_Easy-Resize.com.jpg?f=1x1&$p$f=b664d85
server
gocache
etag
"policy:1.3256523:1658161357"
x-rendered-image-width
815
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
WhatsApp%20Image%202022-01-17%20at%2016.21.35.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181665:1642447213/ 		169 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181665:1642447213/WhatsApp%20Image%202022-01-17%20at%2016.21.35.jpeg?f=1x1&$p$f=8826b08
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
44785beca13e118ddd542af15e05c9464aad937564cc8bb57d666580376dec29
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
243
x-gocache-cachestatus
REVALIDATED, EXPIRED
x-cache
HIT
x-original-image-width
1280
x-original-image-height
1273
x-rendered-image-height
1273
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3181665:1642447213/WhatsApp%20Image%202022-01-17%20at%2016.21.35.jpeg?f=1x1&$p$f=8826b08
server
gocache
etag
"policy:1.3181665:1642447213"
x-rendered-image-width
1273
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:28 GMT
Sem-T%C3%ADtulo-1.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181853:1642509659/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3181853:1642509659/Sem-T%C3%ADtulo-1.jpg?f=1x1&$p$f=de10c88
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
6dc54b59d9676995b295651619a40959edfd2e18ef49e89e4c0a569066c1405d
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
1584
x-gocache-cachestatus
REVALIDATED, EXPIRED
x-cache
HIT
x-original-image-width
850
x-original-image-height
850
x-rendered-image-height
850
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3181853:1642509659/Sem-T%C3%ADtulo-1.jpg?f=1x1&$p$f=de10c88
server
gocache
etag
"policy:1.3181853:1642509659"
x-rendered-image-width
850
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
WhatsApp%20Image%202022-01-25%20at%2009.15.32%20(3).jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3184465:1643113284/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3184465:1643113284/WhatsApp%20Image%202022-01-25%20at%2009.15.32%20(3).jpeg?f=1x1&$p$f=4078d9c
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
d9736ecc3d0b02292cbcc412ccde89edccaa563cf91cb2e4c93e20ef91bfb2e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
1510
x-gocache-cachestatus
REVALIDATED, REVALIDATED
x-cache
HIT
x-original-image-width
800
x-original-image-height
653
x-rendered-image-height
495
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3184465:1643113284/WhatsApp%20Image%202022-01-25%20at%2009.15.32%20(3).jpeg?f=1x1&$p$f=4078d9c
server
gocache
etag
"policy:1.3184465:1643113284"
x-rendered-image-width
495
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
WhatsApp%20Image%202022-01-14%20at%2010.21.10.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3180647:1642166599/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3180647:1642166599/WhatsApp%20Image%202022-01-14%20at%2010.21.10.jpeg?f=1x1&$p$f=0f7315a
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
b5ec2a4d1861890e777618cb339db16300cba327389383ea485ae69ec748b619
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
optimized
age
1
x-gocache-cachestatus
REVALIDATED, REVALIDATED
x-cache
HIT
x-original-image-width
853
x-original-image-height
1280
x-rendered-image-height
481
content-length
19878
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3180647:1642166599/WhatsApp%20Image%202022-01-14%20at%2010.21.10.jpeg?f=1x1&$p$f=0f7315a
server
gocache
etag
"policy:1.3180647:1642166599"
x-rendered-image-width
481
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 12:45:27 GMT
WhatsApp%20Image%202022-07-18%20at%2013.57.24.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3257085:1658163653/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3257085:1658163653/WhatsApp%20Image%202022-07-18%20at%2013.57.24.jpeg?f=1x1&$p$f=52f2c4b
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
09f4ae5e27a58d2b26f5bbccb16cca8cc613a438cbddb8f74e391837a2b3cf1d
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
566
x-gocache-cachestatus
REVALIDATED, REVALIDATED
x-cache
HIT
x-original-image-width
852
x-original-image-height
1280
x-rendered-image-height
852
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3257085:1658163653/WhatsApp%20Image%202022-07-18%20at%2013.57.24.jpeg?f=1x1&$p$f=52f2c4b
server
gocache
etag
"policy:1.3257085:1658163653"
x-rendered-image-width
852
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
Igor%20Pires.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3260534:1658925367/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3260534:1658925367/Igor%20Pires.jpg?f=1x1&$p$f=9c59751
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
a6c012f52a79847e00cc1e8f8538fbd3a2237d06c78d56351a4fd844ee296279
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
31
x-gocache-cachestatus
REVALIDATED, REVALIDATED
x-cache
HIT
x-original-image-width
813
x-original-image-height
1280
x-rendered-image-height
814
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3260534:1658925367/Igor%20Pires.jpg?f=1x1&$p$f=9c59751
server
gocache
etag
"policy:1.3260534:1658925367"
x-rendered-image-width
813
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
Delania%20(2).jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3272895:1661886473/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3272895:1661886473/Delania%20(2).jpg?f=1x1&$p$f=c4388e3
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
89e58d6d9131d8aeb28df9336451c07dc343fcb995dd11c7a23ff10aea72ef4c
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
optimized
age
584
x-gocache-cachestatus
REVALIDATED, EXPIRED
x-cache
HIT
x-original-image-width
786
x-original-image-height
803
x-rendered-image-height
786
content-length
31938
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3272895:1661886473/Delania%20(2).jpg?f=1x1&$p$f=c4388e3
server
gocache
etag
"policy:1.3272895:1661886473"
x-rendered-image-width
786
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 12:45:27 GMT
joao-neto-pb.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2965945:1594731309/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.2965945:1594731309/joao-neto-pb.jpg?f=1x1&$p$f=f505b52
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
3fdda19578136f4a3cb0b2286a601fbbb4228666504ede1a365830a182b1e904
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
optimized
age
2655
x-gocache-cachestatus
REVALIDATED, REVALIDATED
x-cache
HIT
x-original-image-width
720
x-original-image-height
720
x-rendered-image-height
720
content-length
32872
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.2965945:1594731309/joao-neto-pb.jpg?f=1x1&$p$f=f505b52
server
gocache
etag
"policy:1.2965945:1594731309"
x-rendered-image-width
720
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 12:45:27 GMT
Germano.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3070690:1617918467/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3070690:1617918467/Germano.jpg?f=1x1&$p$f=2634315
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
cb628952d6bc075ff694798d2a8dcaf7c1917a933cccc195810db8af2d39f21a
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
optimized
age
220
x-gocache-cachestatus
REVALIDATED, REVALIDATED
x-cache
HIT
x-original-image-width
881
x-original-image-height
886
x-rendered-image-height
577
content-length
17742
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3070690:1617918467/Germano.jpg?f=1x1&$p$f=2634315
server
gocache
etag
"policy:1.3070690:1617918467"
x-rendered-image-width
576
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 12:45:27 GMT
8a60ab66-f6bb-4296-8910-86120a9a61a3.jfif
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3296069:1668275353/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3296069:1668275353/8a60ab66-f6bb-4296-8910-86120a9a61a3.jfif?f=1x1&$p$f=9621649
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
47b7b61d4a719998ac12bf2e12279a9175c971e617eb6544766cf8c5f0369459
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3296069:1668275353/8a60ab66-f6bb-4296-8910-86120a9a61a3.jfif?f=1x1&$p$f=9621649
strict-transport-security
max-age=31536000; includeSubDomains
server
gocache
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age
211
etag
W/"policy:1.3296069:1668275353"
x-rendered-image-width
569
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-original-image-width
853
content-type
image/jpeg
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-height
1280
x-rendered-image-height
569
ana-alves.png
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3319358:1672692751/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3319358:1672692751/ana-alves.png?f=1x1&$p$f=931bf4a
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
62c5f695770b1949c73438e22336075f2c8ee0da9fb98b54b4350749ecb6bbd8
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
optimized
age
34
x-gocache-cachestatus
REVALIDATED, REVALIDATED
x-cache
HIT
x-original-image-width
600
x-original-image-height
918
x-rendered-image-height
600
content-length
39194
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3319358:1672692751/ana-alves.png?f=1x1&$p$f=931bf4a
server
gocache
etag
"policy:1.3319358:1672692751"
x-rendered-image-width
599
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 12:45:27 GMT
WhatsApp%20Image%202022-01-03%20at%2012.58.16.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3177150:1641306476/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3177150:1641306476/WhatsApp%20Image%202022-01-03%20at%2012.58.16.jpeg?f=1x1&$p$f=25b45a2
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
7b3e1381a618c7a746ec787409d36256763a1a9e57489daea865e7726ff506cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
116
x-gocache-cachestatus
REVALIDATED, REVALIDATED
x-cache
HIT
x-original-image-width
1080
x-original-image-height
1080
x-rendered-image-height
1080
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3177150:1641306476/WhatsApp%20Image%202022-01-03%20at%2012.58.16.jpeg?f=1x1&$p$f=25b45a2
server
gocache
etag
"policy:1.3177150:1641306476"
x-rendered-image-width
1080
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
Jeritza%20Gurgel.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3023895:1608638084/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3023895:1608638084/Jeritza%20Gurgel.jpg?f=1x1&$p$f=ded099d
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
d7534b85b050963115a9f1ae415c2ca510316892cee81d03c5440e0eb3f9b6c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
426
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
400
x-original-image-height
400
x-rendered-image-height
400
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3023895:1608638084/Jeritza%20Gurgel.jpg?f=1x1&$p$f=ded099d
server
gocache
etag
"policy:1.3023895:1608638084"
x-rendered-image-width
400
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
ONIX.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3041803:1672941487/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3041803:1672941487/ONIX.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=e5bc2c8
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
5b803dc09fc8c3effd748d8703593402e5e9e0d4f4b5e07deb28979aa856fb60
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
1065
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1280
x-original-image-height
851
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3041803:1672941487/ONIX.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=e5bc2c8
server
gocache
etag
"policy:1.3041803:1672941487"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
Escolas-Ceara.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3286034:1668698375/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3286034:1668698375/Escolas-Ceara.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=4e56117
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
abf535d4735df96355294590ac4e53ee2fa9f58e13b222e6ee067152eea56c62
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
1361
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1280
x-original-image-height
720
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3286034:1668698375/Escolas-Ceara.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=4e56117
server
gocache
etag
"policy:1.3286034:1668698375"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
Vitoria-Emanuelly-Lopes-Bandeira.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3314709:1671572664/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3314709:1671572664/Vitoria-Emanuelly-Lopes-Bandeira.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=77f052a
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
f78b7c22a682654ff65da1cb8b038dd1a5ba173ecc7cab15f54da8e01696f2bf
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
0
x-gocache-cachestatus
HIT
x-cache
MISS
x-original-image-width
1280
x-original-image-height
853
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3314709:1671572664/Vitoria-Emanuelly-Lopes-Bandeira.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=77f052a
server
gocache
etag
W/"policy:1.3314709:1671572664"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
Conteineres.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320632:1672950321/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320632:1672950321/Conteineres.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=02cad0d
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
4917de17d867bc35fa51ba7f9963c3e1786a6320c62f603b9fe1b11ebca9c594
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
46
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1280
x-original-image-height
853
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320632:1672950321/Conteineres.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=02cad0d
server
gocache
etag
"policy:1.3320632:1672950321"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:29 GMT
Gloria-Maria.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320762:1672969226/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320762:1672969226/Gloria-Maria.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=42ff796
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
c69727d0f46ea06b45f9f22564fe520a7eb84963204ca03612c00cdfb461347a
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
204
x-gocache-cachestatus
REVALIDATED, EXPIRED
x-cache
HIT
x-original-image-width
900
x-original-image-height
506
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320762:1672969226/Gloria-Maria.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=42ff796
server
gocache
etag
"policy:1.3320762:1672969226"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:29 GMT
Presidio.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320602:1672947697/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320602:1672947697/Presidio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a9e499e
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
2503393789616a9f6c78898ffb237c424895227bddf1b3687d667b64e83d4fca
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
0
x-gocache-cachestatus
HIT
x-cache
MISS
x-original-image-width
1278
x-original-image-height
719
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320602:1672947697/Presidio.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a9e499e
server
gocache
etag
W/"policy:1.3320602:1672947697"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:29 GMT
Gallardo-tecnico-de-futebol.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320812:1673005145/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320812:1673005145/Gallardo-tecnico-de-futebol.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a99d2fd
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
2c8ea603653d9a56e2f3325e359e1967d46ee2ecac8add37eb3958ac73ed079e
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
0
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1024
x-original-image-height
682
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320812:1673005145/Gallardo-tecnico-de-futebol.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a99d2fd
server
gocache
etag
W/"policy:1.3320812:1673005145"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:29 GMT
Ultraleve.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:7.4748161:1672955006/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:7.4748161:1672955006/Ultraleve.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=5d80314
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
d0eccb46386f3477525740decb6c4e29ec38ad2feaebfaf29493f807ddbd6785
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
31
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1280
x-original-image-height
960
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:7.4748161:1672955006/Ultraleve.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=5d80314
server
gocache
etag
"policy:7.4748161:1672955006"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:29 GMT
Solideu.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320512:1672936503/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320512:1672936503/Solideu.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=b9c7b0d
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
d8d4b2ee7a4c72c4a133b054f4664754d6a167768520f10eb695d4bff99af79f
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
1290
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1080
x-original-image-height
1080
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320512:1672936503/Solideu.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=b9c7b0d
server
gocache
etag
"policy:1.3320512:1672936503"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:29 GMT
mestre-dancando.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320002:1672832087/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320002:1672832087/mestre-dancando.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=724770b
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
06fb44187ece062fdd6007f696b51a66e199163b2a86af9788b5cd4809ae7af8
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
2
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1899
x-original-image-height
1835
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320002:1672832087/mestre-dancando.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=724770b
server
gocache
etag
"policy:1.3320002:1672832087"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
Mila.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320715:1672959204/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320715:1672959204/Mila.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ba8e6d6
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
e6186898d3adab025723d21c7811706eae76408cf704a00aef1241f2287cad08
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
24
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1280
x-original-image-height
853
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320715:1672959204/Mila.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=ba8e6d6
server
gocache
etag
"policy:1.3320715:1672959204"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:28 GMT
Camera-corporal.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320459:1672926269/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320459:1672926269/Camera-corporal.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=c1d1d67
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
4b7695e314e153f48d34c2b4a03f7bbc9615ee68a73828a7be1baff788939241
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
optimized
age
500
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
960
x-original-image-height
1280
x-rendered-image-height
314
content-length
15942
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320459:1672926269/Camera-corporal.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=c1d1d67
server
gocache
etag
"policy:1.3320459:1672926269"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 12:45:28 GMT
Shakira.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320800:1673001871/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320800:1673001871/Shakira.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=1588a2e
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
6bc5972ea91a58e3ba92b9dec362a2fa419e8e85bead975a4804ae5d03f89784
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
38
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1443
x-original-image-height
967
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320800:1673001871/Shakira.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=1588a2e
server
gocache
etag
"policy:1.3320800:1673001871"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:28 GMT
romi.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320768:1672970405/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320768:1672970405/romi.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=5dd5f28
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
537c27f5390787f389c5e0600f22458a8a3ca65dc43d27ec4c465b851553c595
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
34
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1280
x-original-image-height
1024
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320768:1672970405/romi.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=5dd5f28
server
gocache
etag
"policy:1.3320768:1672970405"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:28 GMT
Daniel-Alves-lateral-selec-o.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320807:1673003821/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320807:1673003821/Daniel-Alves-lateral-selec-o.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=3b0c694
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
54dff538ad0bf2c70e55939473ab7d709bfa5af7518cffc7d9262e10d5b38b81
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
optimized
age
20
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1024
x-original-image-height
682
x-rendered-image-height
314
content-length
19968
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320807:1673003821/Daniel-Alves-lateral-selec-o.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=3b0c694
server
gocache
etag
"policy:1.3320807:1673003821"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 12:45:28 GMT
Lucero.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320777:1672975676/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320777:1672975676/Lucero.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=34af788
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
a4503362cad5e457e4e26453273c26cfdaca7aa25f8a76f5508746b94046b3f8
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
32
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1600
x-original-image-height
1067
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320777:1672975676/Lucero.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=34af788
server
gocache
etag
"policy:1.3320777:1672975676"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:29 GMT
aguilar.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320625:1672949479/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320625:1672949479/aguilar.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=db846d4
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
c1f3d9e7f727bd94ce12e12449c6487fa89deb751c563b14106903a0db9492e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
160
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1280
x-original-image-height
853
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320625:1672949479/aguilar.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=db846d4
server
gocache
etag
"policy:1.3320625:1672949479"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:28 GMT
Renatinho-Bokaloka.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320753:1672967305/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320753:1672967305/Renatinho-Bokaloka.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=8f64b6e
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
49fa8f18013b0422147f433164e8f53fcab977716a70175a134176060616bd12
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
5
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
750
x-original-image-height
521
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320753:1672967305/Renatinho-Bokaloka.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=8f64b6e
server
gocache
etag
"policy:1.3320753:1672967305"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:28 GMT
Obras.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320720:1672959755/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320720:1672959755/Obras.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a6855db
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
8ed2b91eda7c0499b97a33861806d0ed9b4d1837445d2419bfdb01148e9fb86a
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
136
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
898
x-original-image-height
528
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320720:1672959755/Obras.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=a6855db
server
gocache
etag
"policy:1.3320720:1672959755"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:29 GMT
Policia-Militar.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320505:1672941702/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320505:1672941702/Policia-Militar.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=164606d
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
be5dac88f846981a45b8194fedaa0d03459211bcca1bf28a7fc43e0bbb2aea00
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
3120
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1600
x-original-image-height
1200
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320505:1672941702/Policia-Militar.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=164606d
server
gocache
etag
"policy:1.3320505:1672941702"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:28 GMT
Iguatu.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320551:1672941953/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320551:1672941953/Iguatu.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=be48757
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
b02160bfac2ae893c79e5550af05a89cab4abfdf3a410f88245f2da7faa200a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
3
x-gocache-cachestatus
REVALIDATED, REVALIDATED
x-cache
HIT
x-original-image-width
1280
x-original-image-height
720
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320551:1672941953/Iguatu.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=be48757
server
gocache
etag
"policy:1.3320551:1672941953"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:28 GMT
Francisco-Nycollas-Machado-Guarinho.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3314686:1671570505/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3314686:1671570505/Francisco-Nycollas-Machado-Guarinho.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=50c0619
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
6c3454b7d7950ad36eb92e3804c320a79054cb9cb028b4a3949c55c68aa8b393
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
34
x-gocache-cachestatus
REVALIDATED, REVALIDATED
x-cache
HIT
x-original-image-width
1280
x-original-image-height
853
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3314686:1671570505/Francisco-Nycollas-Machado-Guarinho.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=50c0619
server
gocache
etag
"policy:1.3314686:1671570505"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:28 GMT
Klara-Castanho.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320774:1672972574/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320774:1672972574/Klara-Castanho.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=56ad6e3
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
a8354377842b642d431956bd66b9399c3084768ae66002d80be5528c559e4eec
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
426
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1200
x-original-image-height
675
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320774:1672972574/Klara-Castanho.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=56ad6e3
server
gocache
etag
"policy:1.3320774:1672972574"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:28 GMT
Roubo-farol-carro-de-luxo.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320748:1672966171/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320748:1672966171/Roubo-farol-carro-de-luxo.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9ba32f0
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
230fca95e5ec8529298e60e4840e6af672672d0c3ec4c3e2026ee2bbbaa77e6e
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
8
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1634
x-original-image-height
990
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320748:1672966171/Roubo-farol-carro-de-luxo.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9ba32f0
server
gocache
etag
"policy:1.3320748:1672966171"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:28 GMT
alexandre-de-moraes.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3096748:1672959252/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3096748:1672959252/alexandre-de-moraes.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9042a60
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
3940c990ba192e1435272555be46f92e1a0639bf7a79094fb0a2b78c5055a655
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
optimized
age
33
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1280
x-original-image-height
852
x-rendered-image-height
314
content-length
17120
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3096748:1672959252/alexandre-de-moraes.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=9042a60
server
gocache
etag
"policy:1.3096748:1672959252"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 12:45:28 GMT
Marcio-Freire.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320615:1672948810/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320615:1672948810/Marcio-Freire.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=11ca209
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
1d72f5138995e2e23818bcb586b4e1a9a2fef742e062c81f114ac67b6719e23f
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
optimized
age
98
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
1656
x-original-image-height
2048
x-rendered-image-height
314
content-length
18700
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320615:1672948810/Marcio-Freire.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=11ca209
server
gocache
etag
"policy:1.3320615:1672948810"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/webp
cache-control
max-age=1296000
accept-ranges
bytes
expires
Sat, 21 Jan 2023 12:45:28 GMT
Gasolina-Fortaleza.jpg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320082:1672843158/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320082:1672843158/Gasolina-Fortaleza.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=86223aa
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
b8f4ef9a5c5344789257208f59dc09c4cc35927a30aff3f98a6f4c952ebbae8c
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
346
x-gocache-cachestatus
REVALIDATED, EXPIRED
x-cache
HIT
x-original-image-width
1600
x-original-image-height
1066
x-rendered-image-height
314
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320082:1672843158/Gasolina-Fortaleza.jpg?f=4x3&h=314&q=0.8&w=420&$p$f$h$q$w=86223aa
server
gocache
etag
"policy:1.3320082:1672843158"
x-rendered-image-width
418
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:29 GMT
jquery-1.11.0.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.0.min.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-encoding
gzip
x-sp-metadata
HS256.CPfL4J0GEpIBCiRiZGYzMmNlMi03ZmVlLTQyYWItYjBhZS03NzE2N2U4NmNkNDUQ+OiCoKvU+wIaBgjnr+CdBiIXMjAwMToxYjYwOjI6MjQwOjMyNDc6Ojco8p8CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiRiMjE3ODMwYi00Mzg0LTRjNTctOTRmZi00ZTJkODQ5ZjljMzIYzYQCIhgIAhIUY2RzMDAxLmZyOC5od2Nkbi5uZXQ=.sK2ac4R3KbYBVLIIuVel/lFEGPedXl+4ZllM+Sk0K98=
last-modified
Fri, 12 Aug 2022 13:47:01 GMT
server
nginx
etag
W/"62f659d5-1787d"
vary
Accept-Encoding
x-hw
1673009127.dop144.fr8.t,1673009127.cds326.fr8.hn,1673009127.cds001.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33357
jquery-migrate-1.2.1.min.js
code.jquery.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-encoding
gzip
x-sp-metadata
HS256.CPfL4J0GEpIBCiRiOWJhZDQ2Yi04YTVjLTQ1NTgtYmJmMS01YTBhODMwZjBhZDAQ+OiCoKvU+wIaBgjnr+CdBiIXMjAwMToxYjYwOjI6MjQwOjMyNDc6Ojco8p8CMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaKwgBEiQxNzExZjRlYy0yMzBlLTQwMmYtYWE5NS0yODEwZTMzZTk5NjYY9xciGAgCEhRjZHMxNjEuZnI4Lmh3Y2RuLm5ldA==.UL3Wl++D0Xgosg0TEtjdh8kNIw4cSCGiZqr9wwo86sc=
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-1c1f"
vary
Accept-Encoding
x-hw
1673009127.dop144.fr8.t,1673009127.cds326.fr8.hn,1673009127.cds161.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3063
morpheus.js
diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/scripts/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/css/diario/assets/morpheus/scripts/morpheus.js?v=1.0.39
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
a813062a7f0437a92984ea3a39feec5b7f070309be4765804739bb6917ecc6db
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
x-cache-rule
YES with ttl: 2592000.000 /css/diario/assets/morpheus/scripts/morpheus.js?v=1.0.39
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 03 Jun 2022 04:53:26 GMT
server
gocache
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age
160727
etag
W/"30240-1654232006000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
HIT
content-type
application/javascript
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
index.js
diariodonordeste.verdesmares.com.br/static/morpheus-web/vanilla/dist/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/morpheus-web/vanilla/dist/index.js?v=1.20.7
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
92cffc96d80411d52866dd5ff62630ae8a1dad1cb4bd1b95c7d0e72b95aa2afd
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
last-modified
Wed, 04 Jan 2023 05:16:34 GMT
x-cacheable
NO
server
gocache
age
0
etag
W/"81111-1672809394000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
MISS
content-type
application/javascript
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
web-components.esm.js
diariodonordeste.verdesmares.com.br/static/morpheus-web/web-components/www/build/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/morpheus-web/web-components/www/build/web-components.esm.js?v=1.20.7
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
b4a85e97882de120942a728bbf95854c74176feb55c8e8c278a93d325d1ae82e
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
last-modified
Wed, 04 Jan 2023 05:16:34 GMT
x-cacheable
NO
server
gocache
age
0
etag
W/"3822-1672809394000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
MISS
content-type
application/javascript
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:29 GMT
com.atex.gong.paywall.membership.js
diariodonordeste.verdesmares.com.br/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/js/com.atex.gong.paywall.membership.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
x-cache-rule
YES with ttl: 3600.000 /js/com.atex.gong.paywall.membership.js
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 20 May 2020 20:08:38 GMT
server
gocache
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age
1618
etag
W/"7606-1590005318000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
HIT
content-type
application/javascript
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
lazy.js
diariodonordeste.verdesmares.com.br/static/diario/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/diario/assets/js/lazy.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
4dc1ff3b77f0146e967c433c5fe7e039f607af8c487a92015389629331c1d775
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
x-cache-rule
YES with ttl: 3600.000 /static/diario/assets/js/lazy.js
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 26 Nov 2021 04:57:58 GMT
server
gocache
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age
3009
etag
W/"4343-1637902678000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
HIT
content-type
application/javascript
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
group-widgets.js
diariodonordeste.verdesmares.com.br/static/diario/assets/js/ 		540 B
987 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/diario/assets/js/group-widgets.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
53cb63726a0b21ca199891a569d46bf700bee8f9afd9c377570dfcf5c0e2cdb6
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
x-cache-rule
YES with ttl: 3600.000 /static/diario/assets/js/group-widgets.js
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Dec 2021 05:07:44 GMT
server
gocache
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age
3216
etag
W/"540-1640754464000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
HIT
content-type
application/javascript
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
advertisingSticky.js
diariodonordeste.verdesmares.com.br/static/assets/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/assets/scripts/advertisingSticky.js?v=1
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
74579a8b4fe27aa309796dcc0cfb3a592762a369cfa3c807ab7b6e7e60f1f891
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
last-modified
Fri, 10 Jun 2022 09:09:20 GMT
x-cacheable
NO
server
gocache
age
0
etag
W/"1544-1654852160000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
MISS
content-type
application/javascript
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
WhatsApp%20Image%202023-01-06%20at%2000.10.56.jpeg
diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320769:1672974676/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/image/contentid/policy:1.3320769:1672974676/WhatsApp%20Image%202023-01-06%20at%2000.10.56.jpeg?h=496&w=340&$p$h$w=2643a68
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
b9fa61bfa43c8235f98a6c719d621464cf8548d33e3c1b104f10e57dd2d5bb2c
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-gocache-image
unmodified
age
57
x-gocache-cachestatus
HIT
x-cache
HIT
x-original-image-width
875
x-original-image-height
1280
x-rendered-image-height
496
x-cache-rule
YES with ttl: 3600.000 /image/contentid/policy:1.3320769:1672974676/WhatsApp%20Image%202023-01-06%20at%2000.10.56.jpeg?h=496&w=340&$p$h$w=2643a68
server
gocache
etag
"policy:1.3320769:1672974676"
x-rendered-image-width
339
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
content-type
image/jpeg
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:29 GMT
swiper-bundle.min.css
unpkg.com/swiper@8.4.5/
Redirect Chain
  • https://unpkg.com/swiper@8/swiper-bundle.min.css
  • https://unpkg.com/swiper@8.4.5/swiper-bundle.min.css
16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.4.5/swiper-bundle.min.css
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82ef200ece01e84b0387a394dd784b93e1a677f8b2efed9d6b79f61d3084121a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3975655
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GJD2BAEBYRK27EXVE66Q9C44-fra
server
cloudflare
etag
W/"4056-knQFLPhd7qTFS8igAGqEi45G1Ug"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78548d066f779299-FRA

Redirect headers

date
Fri, 06 Jan 2023 12:45:27 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GP3HTPXQ2K3X1HCDEY6GA0JY-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
0
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/swiper@8.4.5/swiper-bundle.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
78548d061f169299-FRA
universal.min.js
tag.navdmp.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 17 May 2022 12:22:37 GMT
server
cloudflare
age
2238
etag
W/"6283938d-3671"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
78548d062edd9259-FRA
expires
Fri, 06 Jan 2023 13:08:09 GMT
loader.js
cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/ 		407 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a88d6816b0921f68c81166f231aac459941bbde4376724a4f5c2c2d7f7275a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
XhshC6bhL5ESqWI86qBaqCICvYiVi964
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Jan 2023 12:45:27 GMT
x-amz-request-id
4B4VAK94JJY6VS4F
age
60
x-cache
HIT
content-length
33085
x-amz-id-2
ZuwR2qrfnCUE8LyL67guNLGXaXqBKd53p0e19/k2cIVDadroscKFp+ENDPrsw/CJ9PAC18sJBYA=
x-served-by
cache-hhn-etou8220091-HHN
last-modified
Thu, 05 Jan 2023 10:21:38 GMT
server
AmazonS3
x-timer
S1673009127.377389,VS0,VE1
etag
"144713c15e0e1b70672d75a6823fdb64"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
94
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
gtm.js
www.googletagmanager.com/ 		161 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e0a56803d6a521a780dfbf099724d443c36c93de37029e6729b12d602cc583d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58402
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Jan 2023 12:45:27 GMT
newsroom.js
c2.taboola.com/nr/diariodonordeste-diariodonordeste/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/diariodonordeste-diariodonordeste/newsroom.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
128d2cf69ce3669c10edf58d4e8049b363f7f857e9a0608769ab83e0d5ea33bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Jan 2023 12:45:27 GMT
x-amz-request-id
C3WPMTEGYHMA2A03
age
0
x-cache
HIT
content-length
17267
x-amz-id-2
sys6UiaEonjy1eXzC7JBb/hWAq8jY8aMlFPC7diiVX5x+Fc6vaES3F5Li1mX/tQkaQiaEr/V+xQ=
x-served-by
cache-hhn-etou8220021-HHN
last-modified
Thu, 17 Feb 2022 22:20:57 GMT
server
AmazonS3
x-timer
S1673009127.405266,VS0,VE196
etag
"2bd02c30770a862797f357ab39c187a0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
x-cache-hits
1
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 03:10:59 GMT
x-content-type-options
nosniff
age
120868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 03:10:59 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:18:08 GMT
x-content-type-options
nosniff
age
52039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 22:18:08 GMT
ArdinaText-Medium.woff2
diariodonordeste.verdesmares.com.br/static/assets/fonts/ardina-text/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/assets/fonts/ardina-text/ArdinaText-Medium.woff2
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
3f78db732fd67cee6fbe4b219ebfec4f4ddefa9d83080fe6019a291071609f33
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
x-cache-rule
YES with ttl: 3600.000 /static/assets/fonts/ardina-text/ArdinaText-Medium.woff2
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 10 Jun 2022 09:09:20 GMT
server
gocache
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age
2849
etag
W/"19032-1654852160000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
HIT
content-type
font/woff2;charset=utf-8
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
ArdinaText-Bold.woff2
diariodonordeste.verdesmares.com.br/static/assets/fonts/ardina-text/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/assets/fonts/ardina-text/ArdinaText-Bold.woff2
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
f5baa4d60470a8a53017733f8489c66411d0b65af7883d73c22ac1c949478c35
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
x-cache-rule
YES with ttl: 3600.000 /static/assets/fonts/ardina-text/ArdinaText-Bold.woff2
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 10 Jun 2022 09:09:20 GMT
server
gocache
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age
3161
etag
W/"19260-1654852160000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
HIT
content-type
font/woff2;charset=utf-8
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
icofont.woff2
diariodonordeste.verdesmares.com.br/static/assets/fonts/icofont/ 		525 KB
527 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/assets/fonts/icofont/icofont.woff2
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/static/assets/styles/base.css?v=1.0.39
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
b8683d861b8449eaa346c46cfa609c2142c0e505e41615aee70096c6e31e919e
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/static/assets/styles/base.css?v=1.0.39
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
x-cache-rule
YES with ttl: 3600.000 /static/assets/fonts/icofont/icofont.woff2
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 10 Jun 2022 09:09:20 GMT
server
gocache
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age
3306
etag
W/"537868-1654852160000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
HIT
content-type
font/woff2;charset=utf-8
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
longitude-display-inline.woff2
diariodonordeste.verdesmares.com.br/static/assets/fonts/longitude-display-inline/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/assets/fonts/longitude-display-inline/longitude-display-inline.woff2
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
4829ca9e6ed3a3620fe05f1cc9ac86c6bba79da2f2a67e98b81dae9fd05fd806
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
x-cache-rule
YES with ttl: 3600.000 /static/assets/fonts/longitude-display-inline/longitude-display-inline.woff2
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 10 Jun 2022 09:09:20 GMT
server
gocache
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age
3038
etag
W/"25808-1654852160000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
HIT
content-type
font/woff2;charset=utf-8
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
ilabspush.min.js
cdn.pn.vg/push/ 		190 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/ilabspush.min.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/187307e1-8c37-4991-9aaa-71c2299dcc50.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1827183ce5096d3153438efe0add7a564624d4b56ccab18f07e8db2dbe0fa51f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
age
272
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 22 Dec 2022 14:36:20 GMT
server
cloudflare
etag
W/"782c2e5de7645eec703adaf961002004"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yh7nr405DizKjiuF59K8wbzsz6gNAFk%2B9WdJlNRW8lKNXLc8WyHo0PT4Dmu%2Bhyc%2BklMwGE4nCQw3maVR7xx%2FePJvN8%2F2YVkXUTmDcM5Izd6M3sazRumr%2FCSJlWnCMU3DAZVf%2FyLoZo8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
78548d066a83914d-FRA
x-amz-cf-id
uz2ZQcGfrwMD2VjWbizQpt3m77IzL9BfimsalrSMVkeBDsprhgQG6w==
82438
tag.navdmp.com/u/ 		500 B
507 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/82438
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cdf488e01c52018c72e669f38948ef1b3f44463428e6f2fd87c1d77ca77c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 25 May 2022 11:58:12 GMT
server
cloudflare
etag
W/"628e19d4-1f4"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
78548d066f329259-FRA
expires
Fri, 06 Jan 2023 13:45:27 GMT
load.js
widget.perfectmarket.com/diariodonordeste-diariodonordeste/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/diariodonordeste-diariodonordeste/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a9c491b50bba720218e34460861af80230634424a8492598b0561802d73b3c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
AmhLqBLRZHY.Aosr9D9jNSh55WTKn4jT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 06 Jan 2023 12:45:27 GMT
x-amz-request-id
F7SF53424XVE5EQZ
age
276
x-cache
HIT, HIT
content-length
1157
x-amz-id-2
rn0ssK+gkQRoKNw0XWHkTO4jZR7nJmQP2JTxmv9Ntiste2voUBLDRJIYAsLUnYn1VeMjuWwkbTY=
x-served-by
cache-sna10720-LGB, cache-hhn-etou8220087-HHN
last-modified
Tue, 01 Mar 2022 17:48:34 GMT
server
AmazonS3
x-timer
S1673009127.498040,VS0,VE1
etag
"b52d83120e4bcee7d5763061828c3ad1"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
1, 1
impl.20230105-3-RELEASE.js
cdn.taboola.com/libtrc/ 		711 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230105-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
eb50a18b227110f8e6a6bcda9b4765a4fe392f8a56807da6c36ce11ef96bef04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
hXHa26_sBbyEnu_DDR6oYE5rJwXXfDli
content-encoding
br
via
1.1 varnish
date
Fri, 06 Jan 2023 12:45:27 GMT
x-amz-request-id
6DXSRQQXCH023S9F
age
11169
x-cache
HIT
content-length
150998
x-amz-id-2
7Z86Qr4bZ1MZy06lb91vNzZu3IQyust2bf+8Om9RlzzbBPaH1kC7Q14GrN/s7hYHuvFz/QzHQq4=
x-served-by
cache-hhn-etou8220091-HHN
last-modified
Thu, 05 Jan 2023 09:38:26 GMT
server
AmazonS3-br
x-timer
S1673009127.460350,VS0,VE0
etag
"ee3681757e301932a93752654015340c"
vary
Accept-Encoding
content-type
application/javascript
abp
49
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
54469
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-32.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 07:06:26 GMT
content-encoding
gzip
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
20342
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
q5wYQngx8DJpLmte63hwrWAKiC9j__LdpbnmYPmEafoAVY_UDnm14g==
pubads_impl_2022120801.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 17:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132306
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 09:38:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 05 Jan 2024 17:22:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		157 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=diariodonordeste.verdesmares.com.br
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1538fb1d271d15c842a46eff6e08f8fa83679543260bc36670a33da3170fe21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101
x-xss-protection
0
expires
Fri, 06 Jan 2023 12:45:27 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		92 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fd1fd68a5510ed26f9ff18454ae1938af92d6b55c6b415514bbe6a3ab789356

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-encoding
gzip
x-b3-traceid
e3d1bf51b42345509af38674ba78a539
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront, HIT
mrf-cache-status
H
x-b3-traceid-primal
addffa3d88e0454d9c5569ce098b499c
content-length
26579
x-served-by
cache-hhn-etou8220023-HHN
last-modified
Thu, 05 Jan 2023 11:03:04 GMT
server
AmazonS3
x-timer
S1673009128.573550,VS0,VE1
etag
W/"ebeec72a9926e019551606e6a9837cbd"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
AM6cAeGr4dBPFivujbP766l0RkCHist0sdEwYDdtLMKHJ-QVee69Hg==
x-cache-hits
1
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 06 Jan 2023 11:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3283
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 06 Jan 2023 13:50:44 GMT
js
www.googletagmanager.com/gtag/ 		219 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3DESQCJNQ5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d54ee5bc808b7614257c4430045c5133792eeb5c62771a3ff26334e1c54a707d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78694
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 06 Jan 2023 12:45:27 GMT
pushnews-sw.js
diariodonordeste.verdesmares.com.br/ 		95 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/pushnews-sw.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:27 GMT
x-cache-rule
YES with ttl: 3600.000 /pushnews-sw.js
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 04 Jan 2023 05:16:34 GMT
server
gocache
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age
0
etag
W/"95-1672809394000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
MISS
content-type
application/javascript
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:27 GMT
cookie.html
cookies.pn.vg/ Frame ADD2 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.pn.vg/cookie.html
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3281
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
78548d0ccfa8914d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 06 Jan 2023 12:45:28 GMT
last-modified
Wed, 12 Jan 2022 17:09:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Bj6e2gxaUD2jzp8D0TedF8kRa9lyUyNUEu94Uy%2FaHQZJ1ThKAMyNUWWwbK0mm1XsOglI5ZuBUlH9IsPB8lcCEsV3oXKgfhO8kcWkEGEMGXXtuBrDM95%2Bu%2BhWxMJXjJawaor3wq53FvC%2BOxv"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-id
3Lsw_aeXXGWppakI5EDfNxO_3F4Dk7QS8TqUSk56YBECvlGnbgP7hA==
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
ArdinaText-Bold.woff2
diariodonordeste.verdesmares.com.br/assets/fonts/ardina-text/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/assets/fonts/ardina-text/ArdinaText-Bold.woff2
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/static/morpheus-web/static/styles/main.css?v=1.20.7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/static/morpheus-web/static/styles/main.css?v=1.20.7
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
x-cache-rule
NOT: beresp.status : 404
content-encoding
br
server
gocache
age
0
x-gocache-cachestatus
MISS
x-frame-options
SAMEORIGIN
x-cache
MISS
content-type
text/html;charset=utf-8
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230105-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
487872
expires
60
json
trc.taboola.com/diariodonordeste-diariodonordeste/trc/3/ 		31 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/diariodonordeste-diariodonordeste/trc/3/json?tim=12%3A45%3A28.473&lti=deflated&data=%7B%22id%22%3A442%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1672914085054%2C%22vi%22%3A1673009128471%2C%22cv%22%3A%2220230105-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9098%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-a-home%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A9066.453125%2C%22mw%22%3A1248%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-a-home%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230105-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6256d639de09c364164ea15a0c57669ceaa574ffa0d129950dc2fb19f3bd1665

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
492
date
Fri, 06 Jan 2023 12:45:28 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-hhn-etou8220091-HHN
server
nginx
x-timer
S1673009128.498213,VS0,VE492
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
trc-events.taboola.com/diariodonordeste-diariodonordeste/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/diariodonordeste-diariodonordeste/log/2/debug?tim=12%3A45%3A28.467&type=usage&msg=rtus&llvl=2&id=2704&cv=20230105-3-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27141
pmk-202010011.1.js
widget.perfectmarket.com/diariodonordeste-diariodonordeste/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/diariodonordeste-diariodonordeste/pmk-202010011.1.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/diariodonordeste-diariodonordeste/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcf719cd6c1893ef28246de19a56d2e900e3d3d64db739f2e8710fd0a002ce51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
ajpPHFnjf9PwUo8gwPgqxjRvzqIHOOtO
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 06 Jan 2023 12:45:28 GMT
x-amz-request-id
QGNACW5R8Q89AQ5S
age
3194711
x-cache
HIT, HIT
content-length
27705
x-amz-id-2
bE+hjLSXh8RV+FILI6DSUNfxDvgKlw6cYB4SyPuL6xeupPa3yMgeI2d+2Ya+3Ud9TKUbXVy4Sz0=
x-served-by
cache-sna10746-LGB, cache-hhn-etou8220087-HHN
last-modified
Tue, 01 Mar 2022 17:48:33 GMT
server
AmazonS3
x-timer
S1673009129.511194,VS0,VE1
etag
"3e47f5b37f5efa28d6996943be401ec4"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
660, 1
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1673009128513&ns_c=UTF-8&c7=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&c8=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&c9=
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-32.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Oa3lYp7nr7lwBYJXZhtT8VeD5kT-HwvyQFGsYyDCZ_QU9n8bjSENNA==
x-cache
Miss from cloudfront
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=20663921&cs_it=b3&cv=3.8.0.210223&ns__t=1673009128514&ns_c=UTF-8&c7=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&c8=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&c9=
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-32.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
UuRiMvKHmmS8XF0nLk9hrIU65IyAMBrxFirwaowLfV9jrRU9RP5uUA==
x-cache
Miss from cloudfront
usr
usr.navdmp.com/ 		359 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=9&acc=82438&u=1&new=1&wst=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6dfa2c04db388863830532cfdb8853889002cf88d189761188b33a90f9e56fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Jan 2023 12:45:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
78548d0d791c9259-FRA
expires
Fri, 06 Jan 2023 13:45:28 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=712901505&t=pageview&_s=1&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&ul=en-us&de=UTF-8&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1554402258&gjid=2075691802&cid=1897933078.1673009129&tid=UA-41498495-1&_gid=467650393.1673009129&_r=1&gtm=2wg1205XXKK2&z=737497390
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
360 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3DESQCJNQ5&gtm=2oe120&_p=712901505&cid=1897933078.1673009129&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673009128&sct=1&seg=0&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DESQCJNQ5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=diariodonordeste.verdesmares.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=diariodonordeste.verdesmares.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223761826808341&correlator=1804072704497175&eid=31071145%2C31071299%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=1028625%2CSLB1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1100x275%7C1100x110%7C728x90%7C1x1&ifi=1&adks=3090499511&didk=2191766400&sfv=1-0-40&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1673009128622&lmt=1673009128&dlt=1673009126853&idt=1735&adxs=250&adys=290&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=1897933078.1673009129&ga_sid=1673009129&ga_hid=712901505&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd4b39c5826c4be19da1d80687c15c2ae61eeb4b82dc1a8930eeab511b2077cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10156
x-xss-protection
0
google-lineitem-id
6176402144
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138415728251
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3EFC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 12:45:28 GMT
expires
Sat, 06 Jan 2024 12:45:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e8n0t8ubqm
www.clarity.ms/tag/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/e8n0t8ubqm
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb7903f120120ae732a7bf2fb5349ddbe1c162b3b76381aeff30b73131ab86e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
application/x-javascript
date
Fri, 06 Jan 2023 12:45:28 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
06Be4YwAAAAAIHYfIrSbxQIQSG0Nf21upRlJBMzFFREdFMDMxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
amp-instagram-0.1.js
cdn.ampproject.org/v0/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-instagram-0.1.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2965fadd418cc11b273221a6353c2ca21925254185816b974559e271de9549e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 06 Jan 2023 12:45:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2199
x-xss-protection
0
server
sffe
etag
"de98ab9eb5cf974a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Jan 2023 12:45:28 GMT
p.gif
diariodonordeste.verdesmares.com.br/logger/ 		43 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://diariodonordeste.verdesmares.com.br/logger/p.gif?d=/2.16447/2.246
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
f3cd5c20a3884bd7cda8eb950adeba86736e8cbf6ae2fa7f84ece1ced383445c
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
strict-transport-security
max-age=31536000; includeSubDomains
x-cacheable
NO:Not-Cacheable
server
gocache
x-gocache-image
optimized
age
0
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
MISS
content-type
image/gif
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
accept-ranges
bytes
content-length
43
expires
Sat, 21 Jan 2023 12:45:29 GMT
ingest.php
events.newsroom.bi/ 		126 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.112.233 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
86
active
flowcards.mrf.io/json/ 		55 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flowcards.mrf.io/json/active?site_id=391&page_technology=0
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
67d7eb6805d29f099e89378123cfcf4f377d45ee2d660fffed82a5c1e3e1dbc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-encoding
gzip
x-b3-traceid
15ed1f7524a44abfba7218439fa0d609
x-cache
HIT
mrf-cache-status
H
x-envoy-upstream-service-time
105
x-b3-traceid-primal
b66c9a8ff8fe47c5999aa4bb717531a2
content-length
78
x-served-by
cache-hhn-etou8220031-HHN
server
istio-envoy
x-timer
S1673009129.761192,VS0,VE1
vary
origin
x-req-backend
F_origin_1_croupier
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
1
get-action
nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/ 		132 B
233 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/get-action?page.url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&view.id=156603587177440471&page.template=home&page.dashboard=home
Requested by
Host: c2.taboola.com
URL: https://c2.taboola.com/nr/diariodonordeste-diariodonordeste/newsroom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b8aa5824cd6fc4c4ade331047b9cd5c7651dd26be9b2551bb3817fe019800bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220091-HHN
tbl-x-upstream
10.45.61.220:8080
date
Fri, 06 Jan 2023 12:45:28 GMT
via
1.1 varnish
server
nginx
x-timer
S1673009129.748813,VS0,VE73
x-cache
MISS
content-type
application/json;charset=UTF-8
accept-ranges
bytes
content-length
132
x-application-context
front-page-event-server:production
x-cache-hits
0
collect
stats.g.doubleclick.net/j/ 		4 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-41498495-1&cid=1897933078.1673009129&jid=1554402258&gjid=2075691802&_gid=467650393.1673009129&_u=YEBAAEAAAAAAACAAI~&z=1984417698
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 06 Jan 2023 12:45:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		52 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223761826808341&correlator=1804072704497175&eid=31071145%2C31071299%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=1028625%2CMP2&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=2&adks=1708099864&didk=342283315&sfv=1-0-40&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1673009128727&lmt=1673009128&dlt=1673009126853&idt=1735&adxs=1064&adys=5844&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=1897933078.1673009129&ga_sid=1673009129&ga_hid=712901505&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3ff3c56ac7cdb7c92f31da7cab1d0149087566c5bd7bf4674ce639f64998502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20943
x-xss-protection
0
google-lineitem-id
6193725052
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138418634949
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223761826808341&correlator=1804072704497175&eid=31071145%2C31071299%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=1028625%2CMP1&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=3&adks=1080141123&didk=3952535971&sfv=1-0-40&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1673009128731&lmt=1673009128&dlt=1673009126853&idt=1735&adxs=1064&adys=2639&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=1897933078.1673009129&ga_sid=1673009129&ga_hid=712901505&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e412890822de8bad80ce9fad9b7a9f735b00777bdabdca8c2ce141a922cb7641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20485
x-xss-protection
0
google-lineitem-id
6191969190
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138418911921
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223761826808341&correlator=1804072704497175&eid=31071145%2C31071299%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=1028625%2CRET1&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=4&adks=1112036425&didk=4285333354&sfv=1-0-40&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1673009128735&lmt=1673009128&dlt=1673009126853&idt=1735&adxs=1064&adys=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=1897933078.1673009129&ga_sid=1673009129&ga_hid=712901505&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74f09b520d816083c87e4bf2da75b1ef4aabb3dfa7d703b5b984fb45bd337d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12754
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223761826808341&correlator=1804072704497175&eid=31071145%2C31071299%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=1028625%2CRET2&enc_prev_ius=%2F0%2F1&prev_iu_szs=360x360%7C360x720%7C300x250%7C1x1&ifi=5&adks=2218249850&didk=1973987726&sfv=1-0-40&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1673009128738&lmt=1673009128&dlt=1673009126853&idt=1735&adxs=1064&adys=4645&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=360x0&msz=360x0&fws=0&ohw=0&ga_vid=1897933078.1673009129&ga_sid=1673009129&ga_hid=712901505&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6efc1eb06ba493d312c04abc0419ef0e4d5d908b0ebbb26c674fbdf755613392
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21035
x-xss-protection
0
google-lineitem-id
6193736566
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138418625385
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		533 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223761826808341&correlator=1804072704497175&eid=31071145%2C31071299%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=1028625%2CBILL&enc_prev_ius=%2F0%2F1&prev_iu_szs=1100x275%7C1100x110%7C728x90%7C1x1&ifi=6&adks=1601506147&didk=217952800&sfv=1-0-40&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1673009128742&lmt=1673009128&dlt=1673009126853&idt=1735&adxs=694&adys=1434&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=360x0&msz=1100x0&fws=0&ohw=0&ga_vid=1897933078.1673009129&ga_sid=1673009129&ga_hid=712901505&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73e9d35950d4804c128bb6ff550bd80a0e3933ed54803029602cf3897a18b219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
270
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		559 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223761826808341&correlator=1804072704497175&eid=31071145%2C31071299%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=1028625%2CSLB3&enc_prev_ius=%2F0%2F1&prev_iu_szs=1100x275%7C1100x110%7C728x90%7C1x1&ifi=7&adks=1164627125&didk=3484108123&sfv=1-0-40&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1673009128746&lmt=1673009128&dlt=1673009126853&idt=1735&adxs=250&adys=4477&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=1248x0&msz=1100x0&fws=0&ohw=0&ga_vid=1897933078.1673009129&ga_sid=1673009129&ga_hid=712901505&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
802fab38b64f358bdea22f4e018f75b4a12f29817f100c29dbd6293c589fd4a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223761826808341&correlator=1804072704497175&eid=31071145%2C31071299%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=1028625%2CSLB2&enc_prev_ius=%2F0%2F1&prev_iu_szs=1100x275%7C1100x110%7C728x90%7C1x1&ifi=8&adks=451852547&didk=1316692529&sfv=1-0-40&prev_scp=test%3Dlazyload&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1673009128749&lmt=1673009128&dlt=1673009126853&idt=1735&adxs=250&adys=2228&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=1248x0&msz=1100x0&fws=0&ohw=0&ga_vid=1897933078.1673009129&ga_sid=1673009129&ga_hid=712901505&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f73690dd3b92b464bc80bff96fac53bcf7dc053b1cccc95aa894b1b3af82c7b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20872
x-xss-protection
0
google-lineitem-id
6193736572
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138418625433
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
24efd11c-063c-46de-9749-1636434fcb6c
tags.premiumads.com.br/dfp/ 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2609d2941b88e186cb2214b99eaff1a01cde5a573039afb2bb8268bea7660ebc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 05 Jan 2023 20:01:51 GMT
server
cloudflare
age
60218
x-powered-by
ASP.NET
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KC0HHNhPqoBgTo56qU2nT7vLyw1k3qNPiRxacKzYwzmvHHKfDFNMFu9StUtuMkb1VWm6%2BUruue2ELb25JMS4LEpsSkt25W6asUMK5faxq8nZINHKVD%2BkxOes43znHMGPvZxug1c7xpBqgDoVKWWVw3sir8U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=3600
cf-ray
78548d1129e69bb0-FRA
PushnewsSubscriptionSDK.js
cdn.pn.vg/push/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:6c22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f92720e61715901ec68eeaaa92f3148a175054370df656992613b05b51520bb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
age
184
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Nov 2022 13:28:54 GMT
server
cloudflare
etag
W/"f6232fba8e67cfd7c188639053936b4e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9h%2FYP%2F5%2F%2FMe9cv2Wr3H8ceefldTGPz2cJdcl3IbPJHKjbNjOT5pb5TkQE59v1x602wQyDA5CKivgA%2BwYkjruPwrblQQUQaN2sCq4RqoKbbqMBDfjAOinQ20XVwpzifUGXtH54jtVe%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
78548d0edcbe6964-FRA
x-amz-cf-id
vtSYssHXrAlJs5c8t9vXbrbhqbZldeYh0QXHENppDi7RbIIKMiY3Qg==
notify-impression
nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/ 		0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/notify-impression?page.url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&view.id=156603587177440471&page.template=home&page.dashboard=home
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220091-HHN
tbl-x-upstream
10.45.212.199:8080
date
Fri, 06 Jan 2023 12:45:28 GMT
via
1.1 varnish
server
nginx
x-timer
S1673009129.773946,VS0,VE9
x-cache
MISS
accept-ranges
bytes
x-application-context
front-page-event-server:production
x-cache-hits
0
req
cdn.navdmp.com/ 		6 B
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=9&id=1207f10f7f383e7f058120c90e10%7C0&acc=82438&tit=Di%25E1rio%2520do%2520Nordeste%2520-%2520%25DAltimas%2520not%25EDcias%2520de%2520Fortaleza%252C%2520Cear%25E1%252C%2520Brasil&url=https%253A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&upd=1&new=1&h1=PONTOPODER
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
78548d0eeaee9259-FRA
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=77442649983
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm=&id=77442649983&google_tc=
  • https://sync2.navdmp.com/sync?prtid=2&id=77442649983&google_gid=CAESEA2AD6Sv9ztgvxCw8CeQUV4&google_cver=1
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=77442649983&google_gid=CAESEA2AD6Sv9ztgvxCw8CeQUV4&google_cver=1
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
78548d101c649259-FRA
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=77442649983&google_gid=CAESEA2AD6Sv9ztgvxCw8CeQUV4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=f35863b8-17e8-4400-bd53-430fe51e69b6
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?img=1&mdia=f35863b8-17e8-4400-bd53-430fe51e69b6
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
78548d0f8bb69259-FRA
content-length
43
content-type
image/gif

Redirect headers

Date
Fri, 06 Jan 2023 12:45:28 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x16 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://sync.navdmp.com/sync?img=1&mdia=f35863b8-17e8-4400-bd53-430fe51e69b6
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Fri, 06 Jan 2023 12:45:27 GMT
cms
cms.analytics.yahoo.com/ 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
content-type
text/html;charset=utf-8
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-41498495-1&cid=1897933078.1673009129&jid=1554402258&_u=YEBAAEAAAAAAACAAI~&z=1979976183
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-41498495-1&cid=1897933078.1673009129&jid=1554402258&_u=YEBAAEAAAAAAACAAI~&z=1979976183
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F989 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1nodFwO6oCGTSO5SCvxHJwSCqmz2elBU_rV9BrCvq8kVUbBQJ6qv0SOxkLn5bQLwPf8pIdi18y891lS70faoFwFr055urR-iLzrH5B_dICE65oAe3loZPxdAwBj0KoQNyogHgNwCQyM-0alTLj9ki6Oi6EzIBM95NsGUlyt4sIYwN5eQil1MpH4LdiWUci7ZEiZ9scXijaE-ve72Laq-JZ9U4FkpofwsOxe1MSezcAMSl4HnnIy6sXM26dOj6p0fb9_PQAoqgGzaC8MxFK-bkyJU1xtUGZdkWgpyH4BJm_hsATPeq427Jcy-EABAOBVar20hplllEepl6b8WI2J1KbBtTSRYMQNvS&sai=AMfl-YQcHM_0IeZw6nbUvmu70ig_TvgJx9s_FibBhsgSg-JRa_Q45slXpHrDg3K_MZIskGL44542NXsFZln60fLjRUtF4ptmXTX_kvSHJsp3p6w8d0AQETIdVQR0Pqp9_aRqNCdOa4VDzNShbvX47Y4EYA&sig=Cg0ArKJSzJmjxC1tjn-UEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 06 Jan 2023 12:45:28 GMT
508cfab9631f5b501a9991a62d93b669.js
scripts.cleverwebserver.com/ 		126 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/508cfab9631f5b501a9991a62d93b669.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18f4f9776d8caa9605e6a5aa8bff3546284bfd60d03963038dd32498499ca45f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
x-amz-version-id
SUWBFHVjuODbqITGz_uK.R8NqL3qNeuc
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 03 Jan 2023 15:47:22 GMT
server
cloudflare
x-amz-request-id
74D6SD6232PAR5ZN
etag
W/"fa0d82c1387f58be329740c8325977e0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
78548d0fc83f9176-FRA
x-amz-id-2
WayH6pmxEtkmS3eYi3nSHvmpi6jjuXVL2Jt0CyqTS69U9tfbEkHHVGl66bLrBh3jXB763aGdTYI=
expires
Fri, 06 Jan 2023 13:15:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F989 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 12:45:28 GMT
clarity.js
www.clarity.ms/eus2-b/s/0.7.1/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-b/s/0.7.1/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/e8n0t8ubqm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:28 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0FnC3YwAAAACxF0HfeBVaTbLqtUH4Aj8mRlJBMjMxMDUwNDE3MDQ3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"1d9162aa06b059e"
x-azure-ref
06Be4YwAAAAD+PqO/6YXBSbjjxg3XUNu+RlJBMzFFREdFMDMxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
truncated
/ Frame F989 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a40146d9fdca59d47bc679f5b01503ad5d5630bdba25a60b1c544d233f64b5c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F989 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZ5JT3wgER-RZvuddV46snq944_9zNlmRXZDD6bLHctM0572E8Q5RXhQJIqeFcK4NA_vp1WEuaUe0hMwtXmlAMF9-j2zeMBh0IJ9uPryTo848-jHUiWRbWvj9LORcDUiqlgUOWyqyW9UxaNVaKAu4X2XrhEJdOsx4jyHrs0Ycx3en9lJGrYd9GdWJA2w3_FPZrQiDZIN1WxAi5k44MXzMwUG1Wc6S8FpmZaNo4L4i0ewiy1mKauaES6A8Asu5ajtntTj3FEr_9dKvooK8opFkZhLUQTWLb_Va17BzkJdiNatB68lIsR73V8lTIVo-wQsfsDG4jwqmjcIvws3eE&sai=AMfl-YS2jzNm7ky_bgtwjW1m2DVRqA2KaHlEoHtFi3v91mCrZC2_d1BpE29T_hawrI9Bi3jsbNrUx830efXN7mBoa03OL6I3XcB5x3km-Jw_aX4SzFtrOdtBCtzBv-ZrGTVsOUUVhssrsgIwHgOh4NQvUw&sig=Cg0ArKJSzAH9xWvqkbICEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 06 Jan 2023 12:45:29 GMT
collect
e.clarity.ms/ 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
date
Fri, 06 Jan 2023 12:45:28 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
explore-more.20230105-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230105-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39e028b554aea065c123567a5d0136200db7f42e7b78ea1ae244b9d8e70185ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
CGfdGPmz09wS73Ia1EqbG1f5meOwD_fZ
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Jan 2023 12:45:29 GMT
x-amz-request-id
7BES431R7R0ZDKCZ
age
73262
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6619
x-amz-id-2
flTle+qpElaKXEP87uJTIxdmvBMog14Xp89DqTKfUMm11zSFCxHTV+FP78lq8/jN6ks2xQ1adw0=
x-served-by
cache-hhn-etou8220091-HHN
last-modified
Thu, 05 Jan 2023 16:24:25 GMT
server
AmazonS3
x-timer
S1673009129.025532,VS0,VE0
etag
"723314b9f2dee82888065b9afcd2ca27"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
49
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
107191
feed-card-placeholder.20230105-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230105-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7873ce5ab0103f258bb40a7ee4ec613aba529fe58782303a4b1a92f22822bd64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
jAsgwkTOvO7DDRsdXmb7rdM_Bl4WSr3r
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Jan 2023 12:45:29 GMT
x-amz-request-id
ED9QKFQS5DSY1JM0
age
73258
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
2iRSGvO9gOYGI0QYB+6HuizPrimGrUXEu1CfuvefLaUZrrhqHGIu6WP7FxVnROxuYPORE01cSlM=
x-served-by
cache-hhn-etou8220091-HHN
last-modified
Thu, 05 Jan 2023 16:24:27 GMT
server
AmazonS3
x-timer
S1673009129.026548,VS0,VE0
etag
"37a64b483736baee5595c847e8aa605a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
49
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
209075
userx.20230105-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230105-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d57ea859a372d1ae3c6b6072b657983d6ca369d1430feb301c8c8aad30ece0ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
JANzB8XjMLYsH4YYa8UAtbisJajxEeN5
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Jan 2023 12:45:29 GMT
x-amz-request-id
EE00MMZKZ4GB5ZT1
age
73193
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
w2y09Z1qIKlzvTBdQmLwGV05FGDnd6a8310Bgjb0YrRdnBCq6XQgsNaa29BxjNkLyVE+toAz+nA=
x-served-by
cache-hhn-etou8220091-HHN
last-modified
Thu, 05 Jan 2023 16:25:14 GMT
server
AmazonS3
x-timer
S1673009129.046994,VS0,VE0
etag
"23378ef38fd06303b44d55ce5c3fa7e6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
49
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
45887
supply-feature
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=c8b5ad680a7a7ec60b8262fd131229e8&sd=v2_565ca3e52df58d70409c710930197630_5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68_1673009128_1673009128_CNawjgYQ9aJBGJfI9bjYMCABKAEwODib4wlAhIoQSNTJ2QNQo-wQWABgAGjvhs2V9cu1kixwAA&ui=5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68&pi=/&wi=-1502375787747636427&pt=text&vi=1673009128471&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A45%3A29.014&id=1424&llvl=2&cv=20230105-3-RELEASE&
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
social
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/social?route=AM:AM:V&lti=deflated&ri=c8b5ad680a7a7ec60b8262fd131229e8&sd=v2_565ca3e52df58d70409c710930197630_5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68_1673009128_1673009128_CNawjgYQ9aJBGJfI9bjYMCABKAEwODib4wlAhIoQSNTJ2QNQo-wQWABgAGjvhs2V9cu1kixwAA&ui=5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68&pi=/&wi=-1502375787747636427&pt=text&vi=1673009128471&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil%20%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2Fimage%2Fcontentid%2Fpolicy%3A1.3065338%3A1616776792%2Fimage.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=12%3A45%3A29.133&id=9919&llvl=2&cv=20230105-3-RELEASE&
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ArdinaText-Bold.woff
diariodonordeste.verdesmares.com.br/assets/fonts/ardina-text/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/assets/fonts/ardina-text/ArdinaText-Bold.woff
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/static/morpheus-web/static/styles/main.css?v=1.20.7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/static/morpheus-web/static/styles/main.css?v=1.20.7
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
x-cache-rule
NOT: beresp.status : 404
content-encoding
br
server
gocache
age
0
x-gocache-cachestatus
MISS
x-frame-options
SAMEORIGIN
x-cache
MISS
content-type
text/html;charset=utf-8
abtests
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/abtests?route=AM:AM:V&lti=deflated&ri=c8b5ad680a7a7ec60b8262fd131229e8&sd=v2_565ca3e52df58d70409c710930197630_5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68_1673009128_1673009128_CNawjgYQ9aJBGJfI9bjYMCABKAEwODib4wlAhIoQSNTJ2QNQo-wQWABgAGjvhs2V9cu1kixwAA&ui=5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68&pi=/&wi=-1502375787747636427&pt=text&vi=1673009128471&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1673009129151%7D&tim=12%3A45%3A29.151&id=4630&llvl=2&cv=20230105-3-RELEASE&
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3320790%3A1672995... 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3320790%3A1672995782/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6488f8d65f083b01f1e48a9556f281d089ead8a19165af3cb7d7343170e4ccdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
91
date
Fri, 06 Jan 2023 12:45:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3320790%3A1672995782/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age
11704
edge-cache-tag
355933706763477218408670088403540412050,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
355933706763477218408670088403540412050,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
1272
req-referer
https://diariodonordeste.verdesmares.com.br/
content-length
18376
x-request-id
6e3bb05e5397f98cc65c43bb8931a9fe
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100092-IAD, cache-iad-kcgs7200021-IAD, cache-bur-kbur8200049-BUR, cache-iad-kjyo7100145-IAD, cache-hhn-etou8220091-HHN
last-modified
Fri, 06 Jan 2023 09:16:49 GMT
server
nginx
x-timer
S1673009129.175491,VS0,VE91
etag
"4ee44a37441a1fab94920f61bab23d65"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 2, 0
image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3319791%3A1672768... 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3319791%3A1672768759/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eb4356c259e87e804c2f603d7ea4ca9aab04a7ab28f25d320a98d1b12d43568f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
117
date
Fri, 06 Jan 2023 12:45:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3319791%3A1672768759/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age
238061
edge-cache-tag
550888611719265156224756905587812897415,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
550888611719265156224756905587812897415,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
1595
req-referer
https://diariodonordeste.verdesmares.com.br/
content-length
37174
x-request-id
82f357a9fd4309b196e7e3382278b70f
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100156-IAD, cache-iad-kcgs7200158-IAD, cache-lga21930-LGA, cache-iad-kiad7000125-IAD, cache-hhn-etou8220091-HHN
last-modified
Tue, 03 Jan 2023 18:21:13 GMT
server
nginx
x-timer
S1673009129.176218,VS0,VE117
etag
"a41c4aaf0609bac2533befcb1266e341"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 4, 0
image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3320782%3A1672992... 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3320782%3A1672992409/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0e2f0c9cbccdda0a00dd3941ac94e2ccb284028f1c27ce69a4630ea815f3efb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
184
date
Fri, 06 Jan 2023 12:45:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3320782%3A1672992409/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age
16157
edge-cache-tag
302161582253462068866740051900600807656,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
302161582253462068866740051900600807656,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
2539
req-referer
https://diariodonordeste.verdesmares.com.br/
content-length
95708
x-request-id
149ee160e95f726b3bf747b28b38e683
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000102-IAD, cache-iad-kcgs7200145-IAD, cache-lga21926-LGA, cache-iad-kjyo7100145-IAD, cache-hhn-etou8220091-HHN
last-modified
Fri, 06 Jan 2023 08:13:12 GMT
server
nginx
x-timer
S1673009129.175915,VS0,VE184
etag
"cdc3e4a8a2808193400171d402e985c2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2, 0
image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3320040%3A1672835... 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3320040%3A1672835766/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0f0ea3e215b4b386598ab9239710170bf60644e4c840b348037cca288cf89af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
114
date
Fri, 06 Jan 2023 12:45:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3320040%3A1672835766/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age
170932
edge-cache-tag
408309913804131934405310277191830047259,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
408309913804131934405310277191830047259,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time
1288
req-referer
https://diariodonordeste.verdesmares.com.br/
content-length
38722
x-request-id
b1c3ca4ff550cac18520b112cd31f9a8
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000096-IAD, cache-iad-kjyo7100074-IAD, cache-sna10744-LGB, cache-iad-kcgs7200037-IAD, cache-hhn-etou8220091-HHN
last-modified
Wed, 04 Jan 2023 13:14:04 GMT
server
nginx
x-timer
S1673009129.175475,VS0,VE114
etag
"f13cd94b9822ab41759357a121e8aa0f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 4, 0
image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3318306%3A1672445543/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3318306%3A1672445543/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
71fe56acc74530aa862d158b7ccefa3975ec837edcc17c6b1fe35a0b9fbbe5fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
2133
date
Fri, 06 Jan 2023 12:45:31 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3318306%3A1672445543/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age
550050
edge-cache-tag
556085547136219782662905411979376557965,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
556085547136219782662905411979376557965,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, MISS, MISS
x-envoy-upstream-service-time
2019
req-referer
https://diariodonordeste.verdesmares.com.br/
content-length
31790
x-request-id
6fe34ef9ac8772f0922f3760bb57ad51
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000041-IAD, cache-iad-kiad7000119-IAD, cache-lga21948-LGA, cache-iad-kjyo7100085-IAD, cache-hhn-etou8220091-HHN
last-modified
Sat, 31 Dec 2022 03:35:29 GMT
server
nginx
x-timer
S1673009129.175100,VS0,VE2133
etag
"d912f82a24ab6a2fdce08c8c688218d9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 0
image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3320787%3A1672995237/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3320787%3A1672995237/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
054be264e91be8c5ef20fa5530b04ff87ad37e4d2b5f751061933c58b3fd6172

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
92
date
Fri, 06 Jan 2023 12:45:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3320787%3A1672995237/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age
11731
edge-cache-tag
501027325779274733115884787912898216640,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag
501027325779274733115884787912898216640,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
1652
req-referer
https://diariodonordeste.verdesmares.com.br/
content-length
21044
x-request-id
dbac533b6fdd77bfc3ded1abd22defb6
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200121-IAD, cache-iad-kiad7000048-IAD, cache-bur-kbur8200085-BUR, cache-iad-kjyo7100055-IAD, cache-hhn-etou8220091-HHN
last-modified
Fri, 06 Jan 2023 09:21:31 GMT
server
nginx
x-timer
S1673009129.175098,VS0,VE92
etag
"93ef5da06e0fa16e1da13a90ba6102b3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 6, 0
image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A7.4748161%3A1672955006/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A7.4748161%3A1672955006/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8d87c94e16d348ce707d90ddfcea28aad7d4155438d0e0e16325c874a34a335e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
90
date
Fri, 06 Jan 2023 12:45:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A7.4748161%3A1672955006/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age
48564
edge-cache-tag
501345023842177671318734843975660518544,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag
501345023842177671318734843975660518544,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
1973
req-referer
https://diariodonordeste.verdesmares.com.br/
content-length
41746
x-request-id
b1b3263e9b569e1b4c6eb8b51760adf7
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100088-IAD, cache-iad-kiad7000051-IAD, cache-bur-kbur8200098-BUR, cache-iad-kjyo7100069-IAD, cache-hhn-etou8220091-HHN
last-modified
Thu, 05 Jan 2023 22:03:59 GMT
server
nginx
x-timer
S1673009129.291155,VS0,VE90
etag
"86121b2bcc5a1f2991944a4f02bdb9dd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 17, 0
image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3096748%3A1672959252/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3096748%3A1672959252/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cb94f1c204fa2565272d86498ff3d5d08f778807852a6f61a187b924c025b052

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
101
date
Fri, 06 Jan 2023 12:45:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//diariodonordeste.verdesmares.com.br/image/contentid/policy%3A1.3096748%3A1672959252/image.jpg%3Fh%3D630%26q%3D0.6%26w%3D1200%26%24p%24h%24q%24w%3Df76cc5e
age
29111
edge-cache-tag
505403661401613720804365251183680687973,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag
505403661401613720804365251183680687973,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
1710
req-referer
https://diariodonordeste.verdesmares.com.br/
content-length
12736
x-request-id
eab09f2c9d19a676deface0b6419cc6d
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100030-IAD, cache-iad-kiad7000156-IAD, cache-bur-kbur8200050-BUR, cache-iad-kjyo7100052-IAD, cache-hhn-etou8220091-HHN
last-modified
Thu, 05 Jan 2023 23:16:49 GMT
server
nginx
x-timer
S1673009129.291251,VS0,VE101
etag
"e5c9a6edff07f9c70e549937b0dd1614"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7, 0
8169eb721a7836a388081f61314479b8.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8169eb721a7836a388081f61314479b8.png
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
750f9e12cd51e2b22b844f73a41951aba4f0662eebaa9bf700f2a27b3baa847b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 06 Jan 2023 12:45:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8169eb721a7836a388081f61314479b8.png
age
5501135
edge-cache-tag
583267471180174056323457284216973267661,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag
583267471180174056323457284216973267661,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
323
req-referer
https://www.tag24.de/thema/feuerwehreinsatz-heute/lagerhalle-stuerzt-bei-grossbrand-ein-millionenschaden-ein-verletzter-2658348
content-length
21174
x-request-id
2c9a3b3883c079092f1aa1c5336074a7
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000101-IAD, cache-iad-kiad7000034-IAD, cache-lax10650-LGB, cache-iad-kjyo7100089-IAD, cache-hhn-etou8220091-HHN
last-modified
Mon, 31 Oct 2022 14:02:08 GMT
server
nginx
x-timer
S1673009129.323509,VS0,VE1
etag
"0a2975c0e83cb36bd78a6e6b737bb800"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 569, 1
renault_koleos_model_year_2021_4f6812a803.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//api.toptiertower.com/uploads/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//api.toptiertower.com/uploads/renault_koleos_model_year_2021_4f6812a803.jpg
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3c2edb04860935540c2d7a81e340a8c4f6933623721a2290b482257cc4a49872

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Fri, 06 Jan 2023 12:45:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//api.toptiertower.com/uploads/renault_koleos_model_year_2021_4f6812a803.jpg
age
4534122
edge-cache-tag
327951867313783671697627555497574507390,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag
327951867313783671697627555497574507390,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
920
req-referer
https://tamil.mykhel.com/
content-length
55828
x-request-id
f7460b8bd82d52cf260b495431b64589
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100179-IAD, cache-iad-kcgs7200065-IAD, cache-chi-klot8100173-CHI, cache-iad-kiad7000155-IAD, cache-hhn-etou8220091-HHN
last-modified
Sun, 13 Nov 2022 09:17:35 GMT
server
nginx
x-timer
S1673009129.323431,VS0,VE18
etag
"1169445ff28e46afc41486c66bd2de1e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 226, 1
ingest.php
events.newsroom.bi/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.112.233 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
view
securepubads.g.doubleclick.net/pcs/ Frame 3E50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXwr_EJLDmzrtNdGyGqBQhUYSdR5KfDUGBKg9gRNpgLhwOWnlynm1ak4Azl4CCVk4OjlvMGuWSA82uMCqplkZhaO4oa6fcX6edniVYtLSmJ-vFzZgX9wFPOalTpx3GBp7Pcc7G8zM0I0nWX29lPi7MJZ-q6ssnrgL-v7FraleqIcK4B8EmN37SJYiqWLm5aITwUEg4e1ZA2VOm15oGFNLUO3kBeVhJSWl_x6yeDsCLK47fleep6ULOIxDMAKafnQJn903g8CLb2Drq4S8vL0hoZ6WVvVem48VbGW7zMtgCFxBE90LuK_NAwIoMSF7bOnKHr51HmIB9BA&sai=AMfl-YTE-4-Q7G4xNPMxpJ1KHiatkc4oGgxQErPe9jE6g0L1s7WAJom4KI76Go0s1OqzJxl9jYEJv7yhC5iLc-wHmtVF4kRkrz1vv7Kx-_56KhXn3jPDlmY0DOWO0wKrf2LyepVlBaf5GDMG9ImfACfY9Q0&sig=Cg0ArKJSzJeO7bJiiBHtEAE&uach_m=[UACH]&adurl=
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame 3E50 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 02:16:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
37733
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8895
x-xss-protection
0
server
cafe
etag
5139089157766378523
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 02:16:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame 3E50 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:56:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
49714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 22:56:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3E50 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 12:45:29 GMT
2858469296476973514
tpc.googlesyndication.com/simgad/ Frame 3E50 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2858469296476973514
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
376c3c3bb9c16b414adea731f90dfe7e39f849f7c6f5de26f28c592fcf2aa950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119317
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 21:02:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 06 Jan 2024 12:45:29 GMT
/
ui.cleverwebserver.com/ 		160 B
220 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
327864cd7fa368892a997d3a22556cdcef9fc80814f24c24c1cfa1f9cf800ed9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
78548d11ec3e9176-FRA
content-type
application/javascript
spa-detector.20230105-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230105-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariodonordeste-diariodonordeste/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be8adcc762245304909182b11d4843e2481d502a9394fdb85a3cfa7f9b48e670

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
5yh.aSxnooPN9aVpP4eUlr_rds2Z3ijx
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Jan 2023 12:45:29 GMT
x-amz-request-id
ZSYNH0FEYK4T2P7P
age
73235
x-cache
HIT
x-amz-replication-status
PENDING
content-length
809
x-amz-id-2
BHatHV1PSGmLiDBpPnqEBzrmtAQ3Y4ZJFBbXNxY+49BdwxIIgsEBeWws0V0XDg5XEHjuKzWROJM=
x-served-by
cache-hhn-etou8220091-HHN
last-modified
Thu, 05 Jan 2023 16:24:52 GMT
server
AmazonS3
x-timer
S1673009129.280325,VS0,VE0
etag
"1b415a46f4c18fcf0a3486e0798a5241"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
49
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
110112
supply-feature
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=c8b5ad680a7a7ec60b8262fd131229e8&sd=v2_565ca3e52df58d70409c710930197630_5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68_1673009128_1673009128_CNawjgYQ9aJBGJfI9bjYMCABKAEwODib4wlAhIoQSNTJ2QNQo-wQWABgAGjvhs2V9cu1kixwAA&ui=5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68&pi=/&wi=-1502375787747636427&pt=text&vi=1673009128471&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A45%3A29.250&id=3503&llvl=2&cv=20230105-3-RELEASE&
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/abtests?route=AM:AM:V&lti=deflated&ri=c8b5ad680a7a7ec60b8262fd131229e8&sd=v2_565ca3e52df58d70409c710930197630_5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68_1673009128_1673009128_CNawjgYQ9aJBGJfI9bjYMCABKAEwODib4wlAhIoQSNTJ2QNQo-wQWABgAGjvhs2V9cu1kixwAA&ui=5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68&pi=/&wi=-1502375787747636427&pt=text&vi=1673009128471&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1673009129263%7D&tim=12%3A45%3A29.263&id=9844&llvl=2&cv=20230105-3-RELEASE&
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=c8b5ad680a7a7ec60b8262fd131229e8&sd=v2_565ca3e52df58d70409c710930197630_5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68_1673009128_1673009128_CNawjgYQ9aJBGJfI9bjYMCABKAEwODib4wlAhIoQSNTJ2QNQo-wQWABgAGjvhs2V9cu1kixwAA&ui=5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68&pi=/&wi=-1502375787747636427&pt=text&vi=1673009128471&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A45%3A29.264&id=8080&llvl=2&cv=20230105-3-RELEASE&
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/diariodonordeste-diariodonordeste/log/3/abtests?route=AM:AM:V&lti=deflated&ri=c8b5ad680a7a7ec60b8262fd131229e8&sd=v2_565ca3e52df58d70409c710930197630_5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68_1673009128_1673009128_CNawjgYQ9aJBGJfI9bjYMCABKAEwODib4wlAhIoQSNTJ2QNQo-wQWABgAGjvhs2V9cu1kixwAA&ui=5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68&pi=/&wi=-1502375787747636427&pt=text&vi=1673009128471&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1673009129269%7D&tim=12%3A45%3A29.270&id=7139&llvl=2&cv=20230105-3-RELEASE&
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pbjs-min.js
tags.premiumads.com.br/scripts/ 		369 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fe081a84ca6ae1db3a9694b552c5c07cb94958d6468e9a61b58c85366c3ff5bd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 19:04:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
172703
etag
W/"1d91181492d7e68"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BnkCLKvfwxQYBrpS%2BtzFjK%2BCLBlt7485oWZQFBy%2FD9pepbSzT6jGrowP6yCrp4%2By68yZLHkx9DESAGQNR%2FmrfEWcjm9CgpQQiQdeodsJ%2FUWo3BdM%2FMp6T9T25pLAOsNcB8PCSD0S7n2XDL18uPRi45hIB0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
78548d120be59bb0-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1d6e8daddba62809bcd91dcf7b3109469da7129bb81033b9d1899f232770168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27576
x-xss-protection
0
server
sffe
etag
"1443 / 443 of 1000 / last-modified: 1673006750"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 06 Jan 2023 12:45:29 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-210532949-3
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
136884539021575d67f7342e2996b06ac73a1a1f0b69254e53f70d11662f3bbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45281
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Jan 2023 12:45:29 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-210532949-3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXKK2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
efb55a249cb7fe14833f29b537a601de5d62495a81501fdf5889a8fa160d15fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45302
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Jan 2023 12:45:29 GMT
p_icons_3.png
tags.premiumads.com.br/Content/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.premiumads.com.br/Content/p_icons_3.png
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
strict-transport-security
max-age=2592000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
410482
x-powered-by
ASP.NET
content-length
12013
last-modified
Fri, 16 Dec 2022 19:04:56 GMT
server
cloudflare
etag
"1d91181492892ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hdjFDhVOlZitv3N6BrwBAe0qEbR03vF9MfyppbB7C1InZj8ZBO6W1E8UtNSiolnmRJ7jYhqyRFLpSL7n3OZ619PKkEXazg3YA%2Fcsr3HVruCfwu5lticEojpvA6rh2iT4AKK2Y8z05t3xe56pH38ZmGUu9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
78548d121bf69bb0-FRA
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
/
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame B7E0
Redirect Chain
  • https://sender.clevernt.com/transporter/49109.php?id=503466&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&ruri=&r=235400789&tok=33419711310201791433&t=1673009129&cmpId=&fb=0&wl...
  • https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
4 KB
973 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4a391302ee0b5f813f3582d1f3e6fd54683ac0d9779ff3bcce076a0e1a593d

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=1800
cf-cache-status
REVALIDATED
cf-ray
78548d1428239176-FRA
content-encoding
br
content-type
text/html
date
Fri, 06 Jan 2023 12:45:29 GMT
expires
Fri, 06 Jan 2023 13:15:29 GMT
last-modified
Tue, 06 Dec 2022 20:03:53 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
MYqdx2sJ2qn3mDMsSA40w6uc5BGrJsub14T+/OcvynNezXKk/DCyo67wyQfsS9ALSjLw+YA96mc=
x-amz-request-id
26C35FE5V0W370WC

Redirect headers

cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Fri, 06 Jan 2023 12:45:29 GMT
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Fri, 06 Jan 2023 12:45:29 GMT
location
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
pragma
no-cache
server
nginx
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame 3E50 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
250bca73bd728f38f228ac7edccf2ecb8e822c1c01866faccb372593a756cf71

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
/
call.cleverwebserver.com/ 		43 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=49109&c=DE&r=null&l=97&b=Chrome&os=Win10&mob=0&v=1.34.1&ref=aHR0cHM6Ly9kaWFyaW9kb25vcmRlc3RlLnZlcmRlc21hcmVzLmNvbS5ici8%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
78548d12cdc79176-FRA
content-length
43
content-type
image/gif
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://diariodonordeste.verdesmares.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-max-age
600
age
0
content-length
0
date
Fri, 06 Jan 2023 12:45:29 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://diariodonordeste.verdesmares.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-max-age
600
age
0
content-length
0
date
Fri, 06 Jan 2023 12:45:29 GMT
server
ATS/9.1.10.25
/
id.navegg.com/uid/ 		16 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.navegg.com/uid/
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Jan 2023 12:45:30 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
vary
Accept
allow
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-frame-options
DENY
cf-ray
78548d135e826904-FRA
access-control-allow-headers
*
content-length
16
access-control-allow-method
GET
localstore.js
script.4dex.io/ 		483 B
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 12:45:29 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1227540
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8%2Bjr9IOuaXl7fvhjfp9gAzpAFH8vhrgcnkVE6xtrYedUnY7tt89mmOsXd%2BDX82KSNPgBgobUHsKCrELdg6C%2Fvsomb4Y2ODnI18f3Jb1AkX0B2oeVfWWvacZEf%2BrF1SvbkxkI9zFQXOcQLQI"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78548d135d062be9-FRA
prebid
ib.adnxs.com/ut/v3/ 		248 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7f74700b630dde94575ecd79caf73b5da2d467144998b1f1a8713a3bdbd50a5e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 12:45:29 GMT
AN-X-Request-Uuid
b865e66e-2d41-498e-b2c7-f5ebb2cc7fe7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://diariodonordeste.verdesmares.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
248
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pb
ad.360yield.com/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.139.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-139-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
date
Fri, 06 Jan 2023 12:45:29 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid-request
onetag-sys.com/ 		15 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
fastlane.json
fastlane.rubiconproject.com/a/api/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=278982&zone_id=1419332&size_id=2&alt_size_ids=55%2C58%3B&rp_schain=1.0,1!premiumads.com.br,ad245932-5fbb-4643-888f-058ed0a9f623,1,,,&eid_navegg.com=1207f10f7f383e7f058120c90e10%5E1&rf=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&tg_i.pbadslot=%2F75894840%2C1028625%2FDIARIO_DO_NORDESTE_HEADERSTICKY%23P_DIARIO_DO_NORDESTE_HEADERSTICKY_0%3B%2F75894840%2C1028625%2FDIARIO_DO_NORDESTE_INFEED_01%23P_DIARIO_DO_NORDESTE_INFEED_01_0&tk_flint=pbjs_lite_v7.26.0&x_source.tid=ebf9072b-4733-4861-8f14-4afbb49f9f16%3B983a3418-2046-49bf-be6b-1ad307ee943f&l_pb_bid_id=11da5e28f4a6448%3B1290db1e5098f26&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0754&rp_maxbids=1&p_gpid=%2F75894840%2C1028625%2FDIARIO_DO_NORDESTE_HEADERSTICKY%23P_DIARIO_DO_NORDESTE_HEADERSTICKY_0%3B%2F75894840%2C1028625%2FDIARIO_DO_NORDESTE_INFEED_01%23P_DIARIO_DO_NORDESTE_INFEED_01_0&slots=2&rand=0.524460711246034
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e343b603386eb4c1ca373907270e3e1d44af2e0af2255abf0f5e89528c675af2

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:29 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.26.0&cb=70391133395&lsavail=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v1
prg.smartadserver.com/prebid/ 		171 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
582 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
2a71804e22166e4f78ac7b8a179bbef5828f5c1c5cd39d998e0670f277f84ebd

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d95d3b264412224586015eddfec5643b196373737c9f2acfdcfa8f866987f099

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-allow-credentials
true
content-length
66
auction
tlx.3lift.com/header/ 		19 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.26.0&referrer=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&tmax=2500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.180.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-180-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:29 GMT
accept-ch
sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
content-type
application/json; charset=utf-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
mp.4dex.io/ 		114 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bef8bdbb8b093f76cc792141c0c68137a54e9d399ca334f6c788c4b65abf2a76

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 06 Jan 2023 12:45:29 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: P_DIARIO_DO_NORDESTE_HEADERSTICKY_0, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: P_DIARIO_DO_NORDESTE_INFEED_01_0, Process Seats Booster. unable to get the seat booster engine for organization: 1048
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78548d137e589090-FRA
expires
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=712901505&t=pageview&_s=1&dl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&ul=en-us&de=UTF-8&dt=Di%C3%A1rio%20do%20Nordeste%20-%20%C3%9Altimas%20not%C3%ADcias%20de%20Fortaleza%2C%20Cear%C3%A1%2C%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAIAB~&jid=657721212&gjid=1260527724&cid=1897933078.1673009129&tid=UA-210532949-3&_gid=467650393.1673009129&_r=1&gtm=2ou120&z=1959140013
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-210532949-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 06 Jan 2023 11:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3285
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 06 Jan 2023 13:50:44 GMT
ingest.php
events.newsroom.bi/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.112.233 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
view
securepubads.g.doubleclick.net/pcs/ Frame 3E50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuk_iGT_2X4UGsdRQGX4DWK2odq6Iac6KC5lAI5qJTFB8vVTkxZO68hao37IX6ATfTlrH_lDvp-NmMRAK1bp0i4yS0sSkDsrwuRPBr5V6qnSFx0yroo0bpBPyzK_Cnh7dBAcM2Kzosr1a6SWhKqMDs3BiN_agS5JrEbgMZ_t94e10oFc5pRpfuUoa7tYLkTLxVPL9UGH3NOuZ3sObN8iUlWPfrBVT8qz-YfjPRtTmAF6ury2jiduAKnbT8oHXLXXIUKWY4l9v8TGBjUSSIh0bwPw6xWlSo_75H4kICWZsRk5jwnyL2PM5waNpxr12k4xmW9v0xwfRCp1XM-&sai=AMfl-YQ-k7L99-fGWcezFDoDW4xT4zsZiWG59gSHzN4h4WPXqUCquhoIFxy3LzOsrk-XYay281hGBH--VzdmnOdILT-t-yybnPSFzFiOj-7pNA4D5p8iA2dyC0qdgrP277XEevbUAVi3JPvTxgIAxbWuYXA&sig=Cg0ArKJSzOMoGufW8YuCEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 06 Jan 2023 12:45:29 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 4175 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:36:05 GMT
age
140964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:36:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4175 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:36:05 GMT
age
140964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:36:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4175 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 15:36:51 GMT
age
162518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 15:36:51 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4175 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:36:05 GMT
age
140964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:36:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4175 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 04 Jan 2023 21:36:05 GMT
age
140964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 04 Jan 2024 21:36:05 GMT
css
fonts.googleapis.com/ Frame 4175 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 12:42:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Jan 2023 12:45:29 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4175 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 19:12:59 GMT
x-content-type-options
nosniff
server
cafe
age
63150
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2886
x-xss-protection
0
expires
Fri, 06 Jan 2023 19:12:59 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4175 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 10:22:22 GMT
x-content-type-options
nosniff
server
cafe
age
8587
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 07 Jan 2023 10:22:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4175 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CqPwt6Re4Y-DXAoGVxdwPh6-wkATPhpqVbavolNDGEIfLvfzHARABIN3Wrh5gldr9gZQHoAH1hNmmAcgBCakCV3GSDRGosT7gAgCoAwHIAwqqBLsCT9D7QgyU5NzPuliu5ya4t_-2d5UTVLhYQcgKxWrcJk7jVX1X2x9N55573vzIIpQ1S5XKp-8Orxitac66eBSfl6oMjybxpl7lkQiKDpStH61kNP88BCZpTa38wP5JuYfm14N_fwXVL1dl2lZvlFw1Zj62RpVLgLXsDDtLw-yExlT3sFVDShN_Xd8wg_yNufMtAO05B4V2QvUcb3UMhQCV0g82CtdRLtR8tMoIbzd49PMD7MmolpNvdA4PgpfC-ElgMT81BVUdneePBgUIOv2GRuA8Y6x-ef1mlAqCQpZJSCDi-QTwWtqaFR55laYJXpzAXcVX4O449AcwT_8zSCJ4uLDXBIMk58tA56zmpab2nL_P_5WFf4zqm3h6uYqgTQj6HcTayp4Tip9BCJu0aJLyIdYNrAIrnTstHXk5wAS-zci1jwTgBAGSBQQIBBgBkgUECAUYBKAGLoAH8_qm2QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDFzgjSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbgT5APYEw3QFQGAFwGyFx4KHAgAEhRwdWItODAzNzcxMzQ5ODY1ODE3MRjhngc&sigh=5wDdlXvBItA&uach_m=[UACH]&cid=CAQSSwDq26N9bvXl_J_InwEb1vY93shoJZKtnLJN4A08gxIILcRhWYJ7Pddi-EZcNYON2Imv81VeieRMCfbTbWrrCelLgNgtX6yGWv4Z3BgBIBM&template_id=484
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
2076313506083323656
tpc.googlesyndication.com/simgad/3278377930040471689/ Frame 4175 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3278377930040471689/2076313506083323656
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dce621e9142720f2b43df8ed34f13b4888617265140412ec9231cd4001fd744d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 23:23:57 GMT
x-content-type-options
nosniff
age
393692
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30676
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 12:53:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jan 2024 23:23:57 GMT
truncated
/ Frame 4175 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec6d0575130f58a6b63f1fd6654c1487aae416032a3d9e517e1ee42c4cad2ccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4175 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e029dcfc7d26d3deecd535e2d64defbd26fcc965b39edc669415a2bd89e34532

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
p-1279447f.js
diariodonordeste.verdesmares.com.br/static/morpheus-web/web-components/www/build/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/static/morpheus-web/web-components/www/build/p-1279447f.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
1b21c2d2fad97069ea01dc2c47711d13342896eed4debf09e950cc2ac02f7898
Security Headers
Name Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/static/morpheus-web/web-components/www/build/web-components.esm.js?v=1.20.7
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
x-cache-rule
YES with ttl: 3600.000 /static/morpheus-web/web-components/www/build/p-1279447f.js
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 04 Jan 2023 05:16:34 GMT
server
gocache
content-security-policy
frame-ancestors http://polopoly.verdesmares.com.br, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
age
27
etag
W/"11093-1672809394000"
x-frame-options
SAMEORIGIN, ALLOW-FROM http://polopoly.verdesmares.com.br
x-cache
HIT
content-type
application/javascript
x-gocache-cachestatus
HIT
cache-control
max-age=1296000
expires
Sat, 21 Jan 2023 12:45:29 GMT
ArdinaText-Bold.ttf
diariodonordeste.verdesmares.com.br/assets/fonts/ardina-text/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://diariodonordeste.verdesmares.com.br/assets/fonts/ardina-text/ArdinaText-Bold.ttf
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/static/morpheus-web/static/styles/main.css?v=1.20.7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.82.174.15 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software
gocache /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/static/morpheus-web/static/styles/main.css?v=1.20.7
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
x-cache-rule
NOT: beresp.status : 404
content-encoding
br
server
gocache
age
0
x-gocache-cachestatus
MISS
x-frame-options
SAMEORIGIN
x-cache
MISS
content-type
text/html;charset=utf-8
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 12:45:29 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5CZH9KFPT64YEET2
Age
1219028
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
tLBMSMIUnQzRoIw5icvW5YBNa79TfRZdADgljCfm1cSgns6wKvkhLURfV0W6hd5weJkG7wmQrq4=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5fpmLOY6S0VQg%2BBSW4PrBIDyAi3cxsCTeFdQ3jdYRpg%2BAYywaglIkGy95szAiFFfPNWHoLzS8AAYJ0MszPALEMrZBt6%2BpPA%2BV4ufsHI5whAUPEM9J8Dib9LV0D%2FuptwcT%2F8fCKSMgc4kCkq"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
78548d141a64bb73-FRA
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4175 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 19:33:08 GMT
x-content-type-options
nosniff
age
148341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 19:33:08 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4175 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://diariodonordeste.verdesmares.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 01:58:46 GMT
x-content-type-options
nosniff
age
125203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:58:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EEA1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJmxQFuMiIa72_HkwJoErtkecHfssC1JpgE2t5ejePPW5R0VI8iiwNStTAzK7FwmEOSfoRX9_0Hf357QfwUeNVX5SfSAPq8JaXy59g-Q89weclVGgLsHuv-tzIM_kgCpXcg3lDCTHnVS2hbWR827fHqu0Ar47C294MELeHzQoTPunztNZJyPKB1qcF-5RLhxoZY3velWTrD8C5qikTQ4_M7G3IQaGDVebKmv47cqM78y6c03wBBWq4652IaofZnzT0r9K1TQzuwJH5GFWFfw1RFRwFE7Qo_lXeQ1VyGLvJVl-VrFEpwRdULUJ5uH13vJ3cSmnX7fa3SxlbwA&sai=AMfl-YTQCzDIUsIt1zN2bU7hWYrqXur-9MawopXiftffsRKhVWYsklmNG0vxn8CCT1p2pHvZxxjvqN9MYbwk284zncV9zFh2P2ykBXyL2OeQtD9PK_5kWVLCacr1pVVyB-NG_eaZZ_8mfnOKRNufAtbBYq4&sig=Cg0ArKJSzNDwyCrtaxmjEAE&uach_m=[UACH]&adurl=
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame EEA1 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 02:16:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
37733
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8895
x-xss-protection
0
server
cafe
etag
5139089157766378523
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 02:16:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame EEA1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:56:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
49714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 22:56:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EEA1 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 12:45:29 GMT
14100687871715917713
tpc.googlesyndication.com/simgad/ Frame EEA1 		239 KB
239 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14100687871715917713
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
907c2f2d71abe95d47608a82115aff982af9126b9b9f16f23d0894a741c0c765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 11:38:15 GMT
x-content-type-options
nosniff
age
90434
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244423
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 18:47:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 05 Jan 2024 11:38:15 GMT
style.css
lp.cleverwebserver.com/bet365/de/sports/grp1/ Frame B7E0 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57e4f09712f9ca05fdc60d34ef9308ffc80a592d3fb4035decd71080fa23d1b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
8THSPEWKQ95J0ZBJ
age
1738
cf-polished
origSize=11956
x-amz-id-2
rlsC7u6ixABKPZsUfeTjcKsrXyjTOoHmF1zenDr1JZ8LXnrDG3b3gz5DhhrZlZTohtFVKFzOh3w=
cf-bgj
minify
last-modified
Mon, 12 Dec 2022 23:56:25 GMT
server
cloudflare
etag
W/"bf5b43010766718411fff126585ba859"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=1800
cf-ray
78548d14c9409176-FRA
expires
Fri, 06 Jan 2023 13:15:29 GMT
anzeige.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		1 KB
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/anzeige.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 10 Dec 2022 20:06:57 GMT
server
cloudflare
x-amz-request-id
VR526QYA4460BRRE
age
1085
etag
W/"3e9d1a10a1056de77db1bab72b55ef1c"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78548d14c9439176-FRA
x-amz-id-2
0GlS0n2VN/No5QpZSG78s36maA0xvK2rMA3uKyNR2LDRbojaLLCnVAP4XD3jDmeXYJvTRvI/YWI=
expires
Fri, 06 Jan 2023 13:15:29 GMT
logo.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/logo.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Dec 2022 20:02:50 GMT
server
cloudflare
x-amz-request-id
S77ZB8WSZ3XBR700
age
496
etag
W/"89cc1efb4630095200908a2c0e01275c"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78548d14d9549176-FRA
x-amz-id-2
ILmnseSJqpurMBYoaAedK9Xa9I0NcOrnkI5mDWlJjaT3IwjRogyD6RP4yXeuZxkSg/wFB7YjZ8Y=
expires
Fri, 06 Jan 2023 13:15:29 GMT
copy_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushmobile.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 10 Dec 2022 20:06:57 GMT
server
cloudflare
x-amz-request-id
B1ZNXMS70W4GC66C
age
496
etag
W/"48521ed69677855391819664023f03a2"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78548d14d9559176-FRA
x-amz-id-2
SSq7gu718I/wVgD0Xz3gj23dK55j7jy/4WZXBkaW7oklqRP2Saakmh3RRGPl2Z9mtcUYdC+3zTM=
expires
Fri, 06 Jan 2023 13:15:29 GMT
copy_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy_pushdown.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 23:58:06 GMT
server
cloudflare
x-amz-request-id
VC7P3AXPXXDHDDJN
age
1303
etag
W/"b021ae3bd30deb5a02a9d0476e269ae5"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78548d14d9569176-FRA
x-amz-id-2
YG6fDQeM0glJjwiTfnGwtWZK+VwyPR37IqJZhkPhdQX5j/VsGnclfIfn2wRUjS1302eDPBZBIqU=
expires
Fri, 06 Jan 2023 13:15:29 GMT
copy.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 10 Dec 2022 10:05:44 GMT
server
cloudflare
x-amz-request-id
MF1CX0DQMNB7DJRN
age
521
etag
W/"6a14ab0d467b44cc536dff1c855843d1"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78548d14d9589176-FRA
x-amz-id-2
tvxDbBcnBO/Hq/ur3ae22vq2hb7VNDp7Rs8OhZhvcU85Hq+l8wL050HaOeDaTg1KIhEovHGXfso=
expires
Fri, 06 Jan 2023 13:15:29 GMT
copy2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushmobile.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3361e91435c8d8a10b7ba8e447fdb9e8cf94681182d2ce70a59dd3fb56dfca5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 12:50:50 GMT
server
cloudflare
x-amz-request-id
7MQ8ABGZMHW4ZR8S
age
496
etag
W/"beb4ce05eda61995a0eba82cbef0fb8e"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78548d1509b09176-FRA
x-amz-id-2
ucQ6Xy6YKUVqOPVVvZzs27FQl5QMRpmzGU5/PiQx/tb3gCo5QuupunrHVRfxB+zsdw1rbgXWQVw=
expires
Fri, 06 Jan 2023 13:15:29 GMT
copy2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2_pushdown.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 10 Dec 2022 20:09:00 GMT
server
cloudflare
x-amz-request-id
ZECT2T4FM08270S0
age
496
etag
W/"5dafc545e73be5464256dd78dc118a9c"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78548d1509b49176-FRA
x-amz-id-2
vqiC+0Fs0MA2eNBP4MxoBURj3T0yQ3lVxtTj+ndfmeK18dCI7SCQtxsD6d5QAY3ZUb5s34kgg6Q=
expires
Fri, 06 Jan 2023 13:15:29 GMT
copy2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy2.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 12:49:20 GMT
server
cloudflare
x-amz-request-id
AX993RVTYS8WBMJH
age
496
etag
W/"dc43a4e11b82fa41efb8bdc2acd73425"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78548d1509b99176-FRA
x-amz-id-2
K9bsvjx4BixTGpDvTd3s0B/eC787/EcURv6CgNt4kDki17PC5j1MIOB3g5g7W4ndAsOhMUqaFzs=
expires
Fri, 06 Jan 2023 13:15:29 GMT
copy3.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/copy3.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Dec 2022 20:03:52 GMT
server
cloudflare
x-amz-request-id
8A1YAYD9GB0KPGQF
age
496
etag
W/"9048820dc635dbe10d09725e919ba54f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78548d1519c79176-FRA
x-amz-id-2
TYj/SYBAqsRITgxSCBLbluymTG7x2F6H78xMCnghwqS+tnp9jcdtWH2q3qbQ5V6u4WXstUmhoLc=
expires
Fri, 06 Jan 2023 13:15:29 GMT
cta.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/cta.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 10 Dec 2022 20:09:00 GMT
server
cloudflare
x-amz-request-id
VTFCCF2GVG5WGR41
age
1302
etag
W/"b26d0f732978180e7c2480406f97e7f3"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78548d1519cc9176-FRA
x-amz-id-2
fFCXUiKMJsSNxy83B34iP2aypMTx77LrZ/cCbCU6k2Q3CgkAky3cZz3/Vv4BRgDQ3A21/PyEHkc=
expires
Fri, 06 Jan 2023 13:15:29 GMT
legal2_pushmobile.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushmobile.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 12:50:50 GMT
server
cloudflare
x-amz-request-id
2S1GK5PKQ24T16F5
age
496
etag
W/"22316355cfe04cd150c2b810a54167a4"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78548d1519cd9176-FRA
x-amz-id-2
1mqXCqsD5blxVtLNB/5vzyu2HFyvzMW15Irjx1CN7+odiAdh41X5MS/lEmHcLIICfM0lrTWbwFE=
expires
Fri, 06 Jan 2023 13:15:29 GMT
legal2_pushdown.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		33 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2_pushdown.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 10 Dec 2022 20:09:00 GMT
server
cloudflare
x-amz-request-id
15RBS7PB1Z1WTEQ8
age
496
etag
W/"19cfc2171558b226e44590caa30ac756"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78548d154a289176-FRA
x-amz-id-2
STIrUCfO0xJjtxjwZi1iPWYTJwI6OomW/QI9IC3zGYKXzL4q3UwZQITr5AaTZxwe4SOtEav3npU=
expires
Fri, 06 Jan 2023 13:15:29 GMT
legal2.svg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		33 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/legal2.svg?v=5
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 10 Dec 2022 20:09:00 GMT
server
cloudflare
x-amz-request-id
AT9HTZEJCW51V5DC
age
724
etag
W/"a33282a0f66d9e18e14ed6c9fa761dd6"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1800
cf-ray
78548d154a3a9176-FRA
x-amz-id-2
NDDrUr54JJv4Z4ErV4m/fmBYVYDdWstpLZlBH1/SWcEAJNJLK+rqchrWp6IeKq7/FBB7/iVqzv0=
expires
Fri, 06 Jan 2023 13:15:29 GMT
rocket-loader.min.js
lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame B7E0 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Dec 2022 16:36:20 GMT
server
cloudflare
etag
W/"63a1e484-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
78548d154a3b9176-FRA
expires
Sun, 08 Jan 2023 12:45:29 GMT
truncated
/ Frame EEA1 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b5363ebdd65a26a6bda0b8abc85048ce1ea6259e3a2b6e59ad6cb2984b01334

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame EEA1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsus6Lm7y5ico16OPlsBIZONLA-V_BewH9kaUZUCS5XTNTvaXzC3RXgw2ksksmZqLFgVHINR5Tio6OaEyfuadgc1AHfCHG22B1E8XQrQOpfzdGJgNJsQS9Q83H_HiH6KodYs30a3RMcql__en5-l_LqKNIRDa0cbdQyJRtplvG99yITbKVbNkWismU-aITI1L9liqdbK9QGLHllFygoXUhYDFICxjtFQ28dDi1Gd9u1k3Ds7WX74otnpEiiosWXYkTl2DouDGYnP6EHTpbWojVQeJXpt7GcP8x99O-noW8C_sv1X2rPNbDTw02apNi1eSMOBdeZrBv2QX6juG-NB&sai=AMfl-YSdCHFiX-RM_lnbg9m3233406dU_jLtnu2lCPyIVADLAozkd7LhRv3NFOTCBg48JNiWEBvs0_LqJ0neSXBYK_pOsb2xgajb1sM9MzIb-WpCJ83MXJ3Nrh0orfUxfA_d8KHp7odFy-R9DmiUp7gS_4M&sig=Cg0ArKJSzEc_xcECMdt8EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 06 Jan 2023 12:45:29 GMT
css
fonts.googleapis.com/ Frame B7E0 		8 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19d4fa5e5f7164cfa51ca5e06216f551c4905d14ee02301a5ad2bb70272b7a3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 06 Jan 2023 12:19:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Jan 2023 12:45:29 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=diariodonordeste.verdesmares.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=diariodonordeste.verdesmares.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223761826808341&correlator=1804072704497175&eid=31071145%2C31071299%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=75894840%3A1028625%2CDIARIO_DO_NORDESTE_HEADERSTICKY&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C1000x90&ifi=9&adks=614391757&didk=4147171542&sfv=1-0-40&fsbs=1&prev_scp=data_type%3Danchor%26pp_sticky%3Dbottom%26pp_loop%3D00%26pp_pb%3D0.40&cust_params=url%3Ddiariodonordeste.verdesmares.com.br%26categoria%3Dhome&sc=1&cookie=ID%3Dbf601a7e86c5b645%3AT%3D1673009128%3AS%3DALNI_MZm5YoR79HCQBJOqbPKu8cGRIl4Og&gpic=UID%3D00000b9e30be1ec8%3AT%3D1673009128%3ART%3D1673009128%3AS%3DALNI_MZ-ut7aKFxLWH-FoDXVt88zzLZt_Q&arp=1&abxe=1&dt=1673009129819&lmt=1673009129&dlt=1673009126853&idt=1735&adxs=315&adys=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=9&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=1000x-1&msz=1000x-1&fws=512&ohw=0&ga_vid=1897933078.1673009129&ga_sid=1673009129&ga_hid=712901505&ga_fc=true&ga_cid=467650393.1673009129
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
858b7e47a783d1721e38de9e2dae5410acd19cde6338b5b4be1761bc64159408
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10204
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
320x320_15.gif
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/320x320_15.gif?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
897a61f461e2da1c232ce838911e080848f1454071e4e1fea731055df1b03f86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
cf-cache-status
HIT
x-amz-request-id
SFN9H6YJGDJY9KJ4
age
1604
cf-polished
origSize=85875, status=webp_bigger
content-length
85394
x-amz-id-2
+mZpSM2s1/2Mf0sum8Kd3Epm0DGrYKDANjARTOS2v1Sv4agicgAZPbSEFw+aiClYub5188zOmnY=
cf-bgj
imgq:100,h2pri
last-modified
Sat, 10 Dec 2022 10:05:44 GMT
server
cloudflare
etag
"b97a40ec85baebd06758c20639f491ed"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
78548d159ad79176-FRA
expires
Fri, 06 Jan 2023 13:15:29 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame B7E0 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lp.cleverwebserver.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 18:50:55 GMT
x-content-type-options
nosniff
age
323674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 18:50:55 GMT
clever.de.js
lp.cleverwebserver.com/bet365/js/ Frame B7E0 		821 B
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cleverwebserver.com/bet365/js/clever.de.js
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c6c9d8548d627e7686b7181eefb0e8939df4aa139f5d9cebecbf0ba8f0ccb36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/?affiliate=365_01015691
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
14EHKZ7D1XKKWB93
age
776
cf-polished
origSize=992
x-amz-id-2
pwOM+Dbo3ZuBCTLSy8KoLfccqUMN8wGtFqEC6zVU6I4xrsf19VCGlLog8EerTO6iwi5cHR70q/s=
cf-bgj
minify
last-modified
Fri, 06 Jan 2023 11:32:25 GMT
server
cloudflare
etag
W/"75326716c6b75ca126b399a79ba549c4"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=1800
cf-ray
78548d15ab0a9176-FRA
expires
Fri, 06 Jan 2023 13:15:29 GMT
report-page-structure
nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/ Frame 7B15 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/diariodonordeste-diariodonordeste/report-page-structure?page.url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&view.id=156603587177440471&page.template=home&page.dashboard=home&ui=adcbf424-0e62-48f6-8d82-241f580b7dd4-tuctab19d68
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://diariodonordeste.verdesmares.com.br
Referer
https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
date
Fri, 06 Jan 2023 12:45:29 GMT
server
nginx
tbl-x-upstream
10.44.210.190:8080
via
1.1 varnish
x-application-context
front-page-event-server:production
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220091-HHN
x-timer
S1673009130.881424,VS0,VE9
bg-pushdown_2.jpg
lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/ Frame B7E0 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cleverwebserver.com/bet365/de/sports/grp1/imgs/bg-pushdown_2.jpg?v=3
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a01536a4e78676d34742f3d6a8718fd8604dc9c0f4569cbc5a38c1e66d774cf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lp.cleverwebserver.com/bet365/de/sports/grp1/style.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
cf-cache-status
HIT
x-amz-request-id
15GSA3DCSY33HBMB
age
1194
cf-polished
origSize=27972, status=webp_bigger
content-length
26182
x-amz-id-2
aqozHeztFThA6buZ75sMM7UTYhN+zxPnINr10DuV6TpsvsOfv6Ezw6U/Ht7z9ftPWtHNWysrxsY=
cf-bgj
imgq:100,h2pri
last-modified
Sat, 10 Dec 2022 20:09:00 GMT
server
cloudflare
etag
"badb98ee3ef98cf931012151d07083fe"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
78548d160ba49176-FRA
expires
Fri, 06 Jan 2023 13:15:29 GMT
ingest.php
events.newsroom.bi/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.112.233 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Jan 2023 12:45:29 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
DefaultAff.aspx
members.bet365.de/Members/Helpers/ Frame AFD4 		84 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_01015691
Requested by
Host: lp.cleverwebserver.com
URL: https://lp.cleverwebserver.com/bet365/js/clever.de.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.19 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Referer
https://lp.cleverwebserver.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
78548d16bfc5904e-FRA
Cache-Control
private
Connection
keep-alive
Content-Encoding
gzip
Content-Length
177
Content-Type
text/html; charset=utf-8
Date
Fri, 06 Jan 2023 12:45:30 GMT
ME-Redirect
PQB
Server
cloudflare
Vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame F989 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuIjtXaD9UH7ut8nfmNLrvXUbw1U7P_WQgy4ONodcDWEza7SHpvWt_3jdi2YWKZIefL0kxkiaHs_zKIYu6kXv3ND9rd_OYnVClvDuDGX3HBOJOLZWZ&sig=Cg0ArKJSzAg8ckqr3C8KEAE&id=lidar2&mcvt=1011&p=290,250,400,1350&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230105&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3090499511&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673009128849&rpt=139&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
trc.taboola.com/diariodonordeste-diariodonordeste/log/3/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/diariodonordeste-diariodonordeste/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230105-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:30 GMT
via
1.1 varnish
x-served-by
cache-hhn-etou8220091-HHN
server
nginx
x-timer
S1673009130.160173,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
e.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
date
Fri, 06 Jan 2023 12:45:29 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
container.html
576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B108 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 12:45:28 GMT
expires
Sat, 06 Jan 2024 12:45:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ingest.php
events.newsroom.bi/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.112.233 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Jan 2023 12:45:30 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
pixel
googleads.g.doubleclick.net/xbbe/ Frame 169B 		624 B
782 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_dTjwAEwAQ&v=APEucNVo9zRBjQF78HuF6WKsOM-ZHGf_ljdXF9euapk7T_KnGDkib0cRDYEx6AlZPhwTfIN1XdNnO-FInqO8DyVyTolUH7-BdnO_NxtRuJxdcZJf2r4LqInahl8JC7XOEdyMkIn1mDof3xtzbsGLn6bpbVPBSC5PwXCz548KPQ-rz9S8p_D9WzE
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 12:45:30 GMT
expires
Fri, 06 Jan 2023 12:45:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame B108 		87 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bo8iBFJPKbYf04HYTM8NAJBb0D9S3zTlFGjtzddOXFBn5ZDLBVXrMpXeM4iTcnED7KWcJGkWYHH05N6BnlLd5-fDLp7T8wlMQtaOQcwxaaHb48cM1twoSnIPD_u45U8uhayiusCBZL9QQeBOw5LYDFO9gdDL4QC4Ljn4xaUYErjaPnYmM&dbm_d=AKAmf-BvMHNdwzCN8nGcUts_f9ctNrvRXSFyyYO79njo0A8xFT1PDNGCQAYHsf9FkuJObST1Mj5jUUfopVkV__aBSXYxiHC6yOcMrqrRvheWlODdzJlggM8Rv8GHM65CAB7lZlcwrTrRVHz78KKO-wn8ZwAhekP9eqDraknYYZvZPEPqZkLS38CgqHRdad_63jQPXCCXHHBtxT94Wn6xAhX4t0Ql2VujrlZLX5SPSuEI6NSu0PyG2rQqmDeooz4mzbEBgR_phhzm7pUhaNQGuUufVO6qz6wvs6rsWGBP2_-c3W50dUYabyZs5FHriIAAiZZfRMB8g9QIalBJjzqC_YSRX4qkPOYMmZYu4MoAY8s_yk7Rh-3gMmvNnedqypyvILqOBLPdWAOBpBFj9WJrseeqebsmcC6gQ37z9mNxLuPUW_H-GmUrjBW9hiY5qQgJtxvZ4fnkX47M8RZTqj0jk3MfsijJqlVnPRkpt5JNtBXcY5l_wDjEWJropNmnp_AycxBF6aVy-MTtjwkamRHjPM23kugO5ryCHg4vXTMeCbAO3cH_w-pEPtHwGgX1PWOptIvp8IbuK8K7kqrkjoDQ_FBNGSfjcYTue9dnaq_jJzIzcmqy4uOYG8LrfgArfCJnbpj2BfjNQvHoOnmvokbBlpZU_wwyR4ohHmdmhcbnJ6GFWFxgHYVWpU1qCV3KXWMZGE8xsdV6addJ-9Q82zSNjeZDlumIUMn84IcwDKckQSfj0UqETL86FRVVXkDmuxkiA3kvSA8r3JwJn3D6Jay6alB0z3-MrPtvxEXJKHiDkn0BapuGkJ7tPRstdKIF5bImadbIgaRRt5EVOaFH_mWn07aDR8TKR-Gqa07NplgAUD8vot8vRZPEC3wVZHm7ee_VTz7gX15ZuHqez2jfXkwReSZaUiYYRQQHIzRU6at715vzwLR44n7ssRPpjbmv32Wy1xDlVYMaCFipMiPc6bbrl-gy3eKrfUeh-mAoWXXVvY8plUZWBBkpCokRo56LqhAfp7Sov7aPh2Cp3uhMrAM7UURz-1lb7R5KGiSgEnLcBYOpWT4wzoitITHdl4uWL81M00b3y0L6poSmplkDQAhAec1vC43Qyhc1052UoFjNWtN5oFd-KgWVpQS9I7hKslH4WU3TZmhzJjxX4EP0h0L5sb4AG0m72D3sehqEVsYYkItBs7GzsoyCNeKSDyis0bmRv6z3gN312b-n5ydZVS2-7B8tJfFMYtV0eqME7VdDm0errgmITcJ3c3vfrlUAeGVbvGH6YtZwPMGdsbsWCowOLi4LtHYvuB-wwCgwJzihV-Ov34zmCe0pjw22lYJXiIMasMjKrBh7Oqek_h-MM8dMyzgF4dua5Z_Z2erQbpmKKqgMdvZ78MKN5c0jelC0lZS9NejOrVMf7Lsx0V8RwLYzqRLGEVN_KWojnkEOhraFKoOLOMLOVcUDe6fADNMZlVcINqz1rv0hptkwgvz65FBGsqiOtkTtSoX9VTxX3dBHpie_0ewoGNyaZjSNOZDVx1BTsv8POY-gQ1zYirvcfMq59_-8stOsrnrRjT5NvH0Yce8zxJTwMPWqfzCoRTPZcSacDTtz469G8Osv1Z13Mo4UWp4dMB_RCHNDHYkbLTAyC4MUVm2jWZjUuL0NOaKOltxnAJTpaoPlQaJvv4R2UQomfZCMwHoPaSh_V-PIf0Yk9cAu3puonRvTgD8XLJFHxsOHOnLt7YbKHvXJxtOigBh6PtbIY-VQPakHaRu0jhv9IZSd6ymzCTcuo1Pk0fGk9ThbBrFqPdx5W5ULlSj-ObZZDN73rKoZR_Gop26tvemY8lwjlf26eEH9wPDD6cDyTW_RyTsiPEE941FGNNOgFgc3PIfN-6u8-cQcQVd8FPBpZPZ2yejZcHHWT3LCe4r4W2O0keyZHFWaPfMhSqrH374-WIZXn32eMyWK_1QikOTRSEbF9mE60fwmoRuIJ8ALyhOPqcpoi3hb-njdW5skbo49Lp4NuRkw3SEHtu4CTpYgUJcVR6q5OjRp8G1tLuRejam-cxpxDBV3iGPGy-jp6R5JQz5An6lbQdD-VL4BLTkM5-dD2x93VTVvHTc5JqMhS7DlWd9sABjcGDvDdKITNreraG6uPgFISDNz23H7eqKQastUeDROniXiCqcf6Mll2BYbn8uybhe4oJwxBfcrlrCrihIUUnxrW0fYmBd3lG0S5qazTzn2usLB7ZO9zu5Mi0vXgYwJ5itskim30rl8nSKtIXvn2hxebXGFLyjpoy0eEJnhNVNdsiQ_NcVjk_JUx5pIAa_nNUj11SCYUDzjE1Zs5wmo45UUHPcD87Jk-9-E1fX2UPHkVHdPmNh7tkdZh8C8AjAgzxZYJtxAB26swdUB21ndozJBWPliSueJdQxQ_dTy63-uzabozAoU-_Ae2q93mt9UKXdFA9Nsq-TGfR5k8kZ_W_q57Iep1wDBvFwqpkUaDBN7mCKda_f2TCGp5Nf_Mvz0iP3SjcglH8ca6TwnqI8dPXnAtwZ80wlVj-BESCBKuI634grA4S6j-afoL114QhsKqu_YCelVNT8mfWsV6MA5rO3ZrT1tjPvgXstXCcOzRb_tIWbiRmpElKgkMBB6u__Kd6e98S94QlQK8G4wc7fWFIf9SHEUAFRko27ejKWZJwF7ntQOiFX3IA6XmC6ZVURpZgUzEgbtm9WX3hYaOxl84g-UMuiyo5XhyIkK6zn_vBZ37UdstDJvStt4ch6QdPfapz_HVcNKjLTsb1fZLywuaR5Kn9K48Y8kcq8SJEp9MeOaokq56xi0II8DyYprzoxvKSjKXx45Guz7iGT6T8ebdvv3QPhGquhnDjEMRC4gAeC-KhJqFZjST_sRfW-vuJRyDGSHMuUYXFaTdYOSE7PKRYfdm9DX3vxsgd53fhzB_I4ez-nurcV0eJdWLL-TAx3CWk_GgecWtQV6lD2D2BxigwJWDzLg52C7m4QWHNAKMCaobZceo6gmtLIrBBEUeNwd5FV30feMIccjUolgihgWslHBbmqUqnC5z4QdcCSaSWPyEFE1iPWabOd5YLOE9ZwnH1hbTldI4t7Reg3itAm51WFpYI7ChS2ykEq_9FaLcoQt193eC01E_1GK1jWvFIT_GkLIZ4qpwp9jXOirM42yXt4NluDROp3js6_QROArN7pDgceGp2p93gQZDuiKSfC4cPnlLAtimhJrvF5EgjQm4chferm8_MkWVjwHqoXICyKOjxC3iqN11cc00vySu3vZEHEZhDbthODsUZl8S5tOt4MoywD24o3igT9BtzOqWLkD7UeA6kZxgBsP3VfgfWbv_4IR0F764HV0uS0knZwkPVN6UbHXYmYj6DdHMb0eTbHyiTEaHPalyOanLEoHKFsE9wTmd4WtYXska19TX9aLjsMkeAjYeyzPxa0Us4qxtivu7dWdpuj3VxjG_7OO1Vd4TF6u8ApUqvSAh1bbbIKYJCknD_gB2mXqgaig8lDZMg1Sq9kZaSPxJ7BjtD2V_0ZBF0cGELSMv7eHPMbplifmtBU9-qsF0qYTiDbR8ziJxDxDzjnDUHRin5AAjif7bl6seQv0C273OrDSBkn4Lhazqc4sZ_StZT_8AhhyyV4dx-B00RCHQDGg3-qLJ0Ffoi4WZDfUfhC4WpgTEo29dqomjG1pkGXr3RpVYPCbhO9sHPeCKEArKOUpWxQkKvZv21AczPl1PMmmcpSt1EzNJk2yUC2x45cO_Q&cid=CAQSPADq26N9oMwC_aReAO274NNn730h9rsQOlsfhMj68Euho7aQ1-n9JKFysRT_r9hGKwZce9EEdEFpavVB1RgBIBM&rfl=1%2Chttps%253A%252F%252Fdiariodonordeste.verdesmares.com.br%252F%240
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca30f19d8b9001d94e3979213ccf6ac5f8e185368f667e8105df60d0afed8845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36678
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B108 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJjAYE5IFMwmFHk6ZHQeVZTvXGzs-kY7VpjEqAyMItp-8eHIUn4p3vX9TUgYNkrMRl31MbQr__WumeaVaDDy0hWh39r7TQ2rhWCc_otAgCa6TVsjg
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame B108 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/window_focus_fy2021.js
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 22:56:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
49715
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Jan 2023 22:56:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/ Frame B108 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230104/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 02:16:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
37739
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7527
x-xss-protection
0
server
cafe
etag
8658061406568722807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 02:16:31 GMT
l
www.google.com/ads/measurement/ Frame B108 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWaoKSTBUCvR1mecM5HlDF2z07a2NFl68oduufZhgLE1F0eKP5zXMzmLoktIZG9nsg4Nbv7S8Ox7QEWrHayoT3ZGhSkg
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B108 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 12:45:30 GMT
rum
dsum-sec.casalemedia.com/ Frame 169B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJg1L20RG10nejhEA76Ax_I&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJg1L20RG10nejhEA76Ax_I&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJg1L20RG10nejhEA76Ax_I&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_dTjwAEwAQ&v=APEucNVo9zRBjQF78HuF6WKsOM-ZHGf_ljdXF9euapk7T_KnGDkib0cRDYEx6AlZPhwTfIN1XdNnO-FInqO8DyVyTolUH7-BdnO_NxtRuJxdcZJf2r4LqInahl8JC7XOEdyMkIn1mDof3xtzbsGLn6bpbVPBSC5PwXCz548KPQ-rz9S8p_D9WzE
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 12:45:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 12:45:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEJg1L20RG10nejhEA76Ax_I&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 169B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y7gX65.VOzvPIrUKNU0PegAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJg1L20RG10nejhEA76Ax_I&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJg1L20RG10nejhEA76Ax_I&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_dTjwAEwAQ&v=APEucNVo9zRBjQF78HuF6WKsOM-ZHGf_ljdXF9euapk7T_KnGDkib0cRDYEx6AlZPhwTfIN1XdNnO-FInqO8DyVyTolUH7-BdnO_NxtRuJxdcZJf2r4LqInahl8JC7XOEdyMkIn1mDof3xtzbsGLn6bpbVPBSC5PwXCz548KPQ-rz9S8p_D9WzE
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 12:45:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJg1L20RG10nejhEA76Ax_I&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 169B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDuZx0U716RuqUM3Tj13ciw&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDuZx0U716RuqUM3Tj13ciw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_dTjwAEwAQ&v=APEucNVo9zRBjQF78HuF6WKsOM-ZHGf_ljdXF9euapk7T_KnGDkib0cRDYEx6AlZPhwTfIN1XdNnO-FInqO8DyVyTolUH7-BdnO_NxtRuJxdcZJf2r4LqInahl8JC7XOEdyMkIn1mDof3xtzbsGLn6bpbVPBSC5PwXCz548KPQ-rz9S8p_D9WzE
Protocol
HTTP/1.1
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 12:45:31 GMT
AN-X-Request-Uuid
969e6b5d-0ab8-4e8e-b6db-c2c0d423ef7e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDuZx0U716RuqUM3Tj13ciw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 169B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE1ODE5MTkyNDU0MjIzODg2OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE1ODE5MTkyNDU0MjIzODg2OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_dTjwAEwAQ&v=APEucNVo9zRBjQF78HuF6WKsOM-ZHGf_ljdXF9euapk7T_KnGDkib0cRDYEx6AlZPhwTfIN1XdNnO-FInqO8DyVyTolUH7-BdnO_NxtRuJxdcZJf2r4LqInahl8JC7XOEdyMkIn1mDof3xtzbsGLn6bpbVPBSC5PwXCz548KPQ-rz9S8p_D9WzE
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 06 Jan 2023 12:45:31 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
241222b6-0127-4c58-9cc5-3d34111f473d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE1ODE5MTkyNDU0MjIzODg2OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230105-3-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Fri, 06 Jan 2023 12:45:31 GMT
x-amz-request-id
XZ48AY8MC3YY614W
age
2301
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
ZXMXCLJsczBoyw0v63m27AWkI94Y95ukWIGwlplqNEpaniQj72rR0y3rlTEcSHyevflymKnOHpA=
x-served-by
cache-hhn-etou8220091-HHN
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1673009131.027091,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
49
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
20863
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame B108 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
Origin
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 13:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 06 Jan 2023 13:02:25 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/elements/html/ Frame B108 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bo8iBFJPKbYf04HYTM8NAJBb0D9S3zTlFGjtzddOXFBn5ZDLBVXrMpXeM4iTcnED7KWcJGkWYHH05N6BnlLd5-fDLp7T8wlMQtaOQcwxaaHb48cM1twoSnIPD_u45U8uhayiusCBZL9QQeBOw5LYDFO9gdDL4QC4Ljn4xaUYErjaPnYmM&dbm_d=AKAmf-BvMHNdwzCN8nGcUts_f9ctNrvRXSFyyYO79njo0A8xFT1PDNGCQAYHsf9FkuJObST1Mj5jUUfopVkV__aBSXYxiHC6yOcMrqrRvheWlODdzJlggM8Rv8GHM65CAB7lZlcwrTrRVHz78KKO-wn8ZwAhekP9eqDraknYYZvZPEPqZkLS38CgqHRdad_63jQPXCCXHHBtxT94Wn6xAhX4t0Ql2VujrlZLX5SPSuEI6NSu0PyG2rQqmDeooz4mzbEBgR_phhzm7pUhaNQGuUufVO6qz6wvs6rsWGBP2_-c3W50dUYabyZs5FHriIAAiZZfRMB8g9QIalBJjzqC_YSRX4qkPOYMmZYu4MoAY8s_yk7Rh-3gMmvNnedqypyvILqOBLPdWAOBpBFj9WJrseeqebsmcC6gQ37z9mNxLuPUW_H-GmUrjBW9hiY5qQgJtxvZ4fnkX47M8RZTqj0jk3MfsijJqlVnPRkpt5JNtBXcY5l_wDjEWJropNmnp_AycxBF6aVy-MTtjwkamRHjPM23kugO5ryCHg4vXTMeCbAO3cH_w-pEPtHwGgX1PWOptIvp8IbuK8K7kqrkjoDQ_FBNGSfjcYTue9dnaq_jJzIzcmqy4uOYG8LrfgArfCJnbpj2BfjNQvHoOnmvokbBlpZU_wwyR4ohHmdmhcbnJ6GFWFxgHYVWpU1qCV3KXWMZGE8xsdV6addJ-9Q82zSNjeZDlumIUMn84IcwDKckQSfj0UqETL86FRVVXkDmuxkiA3kvSA8r3JwJn3D6Jay6alB0z3-MrPtvxEXJKHiDkn0BapuGkJ7tPRstdKIF5bImadbIgaRRt5EVOaFH_mWn07aDR8TKR-Gqa07NplgAUD8vot8vRZPEC3wVZHm7ee_VTz7gX15ZuHqez2jfXkwReSZaUiYYRQQHIzRU6at715vzwLR44n7ssRPpjbmv32Wy1xDlVYMaCFipMiPc6bbrl-gy3eKrfUeh-mAoWXXVvY8plUZWBBkpCokRo56LqhAfp7Sov7aPh2Cp3uhMrAM7UURz-1lb7R5KGiSgEnLcBYOpWT4wzoitITHdl4uWL81M00b3y0L6poSmplkDQAhAec1vC43Qyhc1052UoFjNWtN5oFd-KgWVpQS9I7hKslH4WU3TZmhzJjxX4EP0h0L5sb4AG0m72D3sehqEVsYYkItBs7GzsoyCNeKSDyis0bmRv6z3gN312b-n5ydZVS2-7B8tJfFMYtV0eqME7VdDm0errgmITcJ3c3vfrlUAeGVbvGH6YtZwPMGdsbsWCowOLi4LtHYvuB-wwCgwJzihV-Ov34zmCe0pjw22lYJXiIMasMjKrBh7Oqek_h-MM8dMyzgF4dua5Z_Z2erQbpmKKqgMdvZ78MKN5c0jelC0lZS9NejOrVMf7Lsx0V8RwLYzqRLGEVN_KWojnkEOhraFKoOLOMLOVcUDe6fADNMZlVcINqz1rv0hptkwgvz65FBGsqiOtkTtSoX9VTxX3dBHpie_0ewoGNyaZjSNOZDVx1BTsv8POY-gQ1zYirvcfMq59_-8stOsrnrRjT5NvH0Yce8zxJTwMPWqfzCoRTPZcSacDTtz469G8Osv1Z13Mo4UWp4dMB_RCHNDHYkbLTAyC4MUVm2jWZjUuL0NOaKOltxnAJTpaoPlQaJvv4R2UQomfZCMwHoPaSh_V-PIf0Yk9cAu3puonRvTgD8XLJFHxsOHOnLt7YbKHvXJxtOigBh6PtbIY-VQPakHaRu0jhv9IZSd6ymzCTcuo1Pk0fGk9ThbBrFqPdx5W5ULlSj-ObZZDN73rKoZR_Gop26tvemY8lwjlf26eEH9wPDD6cDyTW_RyTsiPEE941FGNNOgFgc3PIfN-6u8-cQcQVd8FPBpZPZ2yejZcHHWT3LCe4r4W2O0keyZHFWaPfMhSqrH374-WIZXn32eMyWK_1QikOTRSEbF9mE60fwmoRuIJ8ALyhOPqcpoi3hb-njdW5skbo49Lp4NuRkw3SEHtu4CTpYgUJcVR6q5OjRp8G1tLuRejam-cxpxDBV3iGPGy-jp6R5JQz5An6lbQdD-VL4BLTkM5-dD2x93VTVvHTc5JqMhS7DlWd9sABjcGDvDdKITNreraG6uPgFISDNz23H7eqKQastUeDROniXiCqcf6Mll2BYbn8uybhe4oJwxBfcrlrCrihIUUnxrW0fYmBd3lG0S5qazTzn2usLB7ZO9zu5Mi0vXgYwJ5itskim30rl8nSKtIXvn2hxebXGFLyjpoy0eEJnhNVNdsiQ_NcVjk_JUx5pIAa_nNUj11SCYUDzjE1Zs5wmo45UUHPcD87Jk-9-E1fX2UPHkVHdPmNh7tkdZh8C8AjAgzxZYJtxAB26swdUB21ndozJBWPliSueJdQxQ_dTy63-uzabozAoU-_Ae2q93mt9UKXdFA9Nsq-TGfR5k8kZ_W_q57Iep1wDBvFwqpkUaDBN7mCKda_f2TCGp5Nf_Mvz0iP3SjcglH8ca6TwnqI8dPXnAtwZ80wlVj-BESCBKuI634grA4S6j-afoL114QhsKqu_YCelVNT8mfWsV6MA5rO3ZrT1tjPvgXstXCcOzRb_tIWbiRmpElKgkMBB6u__Kd6e98S94QlQK8G4wc7fWFIf9SHEUAFRko27ejKWZJwF7ntQOiFX3IA6XmC6ZVURpZgUzEgbtm9WX3hYaOxl84g-UMuiyo5XhyIkK6zn_vBZ37UdstDJvStt4ch6QdPfapz_HVcNKjLTsb1fZLywuaR5Kn9K48Y8kcq8SJEp9MeOaokq56xi0II8DyYprzoxvKSjKXx45Guz7iGT6T8ebdvv3QPhGquhnDjEMRC4gAeC-KhJqFZjST_sRfW-vuJRyDGSHMuUYXFaTdYOSE7PKRYfdm9DX3vxsgd53fhzB_I4ez-nurcV0eJdWLL-TAx3CWk_GgecWtQV6lD2D2BxigwJWDzLg52C7m4QWHNAKMCaobZceo6gmtLIrBBEUeNwd5FV30feMIccjUolgihgWslHBbmqUqnC5z4QdcCSaSWPyEFE1iPWabOd5YLOE9ZwnH1hbTldI4t7Reg3itAm51WFpYI7ChS2ykEq_9FaLcoQt193eC01E_1GK1jWvFIT_GkLIZ4qpwp9jXOirM42yXt4NluDROp3js6_QROArN7pDgceGp2p93gQZDuiKSfC4cPnlLAtimhJrvF5EgjQm4chferm8_MkWVjwHqoXICyKOjxC3iqN11cc00vySu3vZEHEZhDbthODsUZl8S5tOt4MoywD24o3igT9BtzOqWLkD7UeA6kZxgBsP3VfgfWbv_4IR0F764HV0uS0knZwkPVN6UbHXYmYj6DdHMb0eTbHyiTEaHPalyOanLEoHKFsE9wTmd4WtYXska19TX9aLjsMkeAjYeyzPxa0Us4qxtivu7dWdpuj3VxjG_7OO1Vd4TF6u8ApUqvSAh1bbbIKYJCknD_gB2mXqgaig8lDZMg1Sq9kZaSPxJ7BjtD2V_0ZBF0cGELSMv7eHPMbplifmtBU9-qsF0qYTiDbR8ziJxDxDzjnDUHRin5AAjif7bl6seQv0C273OrDSBkn4Lhazqc4sZ_StZT_8AhhyyV4dx-B00RCHQDGg3-qLJ0Ffoi4WZDfUfhC4WpgTEo29dqomjG1pkGXr3RpVYPCbhO9sHPeCKEArKOUpWxQkKvZv21AczPl1PMmmcpSt1EzNJk2yUC2x45cO_Q&cid=CAQSPADq26N9oMwC_aReAO274NNn730h9rsQOlsfhMj68Euho7aQ1-n9JKFysRT_r9hGKwZce9EEdEFpavVB1RgBIBM&rfl=1%2Chttps%253A%252F%252Fdiariodonordeste.verdesmares.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 01:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
40417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 01:31:54 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame B108 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bo8iBFJPKbYf04HYTM8NAJBb0D9S3zTlFGjtzddOXFBn5ZDLBVXrMpXeM4iTcnED7KWcJGkWYHH05N6BnlLd5-fDLp7T8wlMQtaOQcwxaaHb48cM1twoSnIPD_u45U8uhayiusCBZL9QQeBOw5LYDFO9gdDL4QC4Ljn4xaUYErjaPnYmM&dbm_d=AKAmf-BvMHNdwzCN8nGcUts_f9ctNrvRXSFyyYO79njo0A8xFT1PDNGCQAYHsf9FkuJObST1Mj5jUUfopVkV__aBSXYxiHC6yOcMrqrRvheWlODdzJlggM8Rv8GHM65CAB7lZlcwrTrRVHz78KKO-wn8ZwAhekP9eqDraknYYZvZPEPqZkLS38CgqHRdad_63jQPXCCXHHBtxT94Wn6xAhX4t0Ql2VujrlZLX5SPSuEI6NSu0PyG2rQqmDeooz4mzbEBgR_phhzm7pUhaNQGuUufVO6qz6wvs6rsWGBP2_-c3W50dUYabyZs5FHriIAAiZZfRMB8g9QIalBJjzqC_YSRX4qkPOYMmZYu4MoAY8s_yk7Rh-3gMmvNnedqypyvILqOBLPdWAOBpBFj9WJrseeqebsmcC6gQ37z9mNxLuPUW_H-GmUrjBW9hiY5qQgJtxvZ4fnkX47M8RZTqj0jk3MfsijJqlVnPRkpt5JNtBXcY5l_wDjEWJropNmnp_AycxBF6aVy-MTtjwkamRHjPM23kugO5ryCHg4vXTMeCbAO3cH_w-pEPtHwGgX1PWOptIvp8IbuK8K7kqrkjoDQ_FBNGSfjcYTue9dnaq_jJzIzcmqy4uOYG8LrfgArfCJnbpj2BfjNQvHoOnmvokbBlpZU_wwyR4ohHmdmhcbnJ6GFWFxgHYVWpU1qCV3KXWMZGE8xsdV6addJ-9Q82zSNjeZDlumIUMn84IcwDKckQSfj0UqETL86FRVVXkDmuxkiA3kvSA8r3JwJn3D6Jay6alB0z3-MrPtvxEXJKHiDkn0BapuGkJ7tPRstdKIF5bImadbIgaRRt5EVOaFH_mWn07aDR8TKR-Gqa07NplgAUD8vot8vRZPEC3wVZHm7ee_VTz7gX15ZuHqez2jfXkwReSZaUiYYRQQHIzRU6at715vzwLR44n7ssRPpjbmv32Wy1xDlVYMaCFipMiPc6bbrl-gy3eKrfUeh-mAoWXXVvY8plUZWBBkpCokRo56LqhAfp7Sov7aPh2Cp3uhMrAM7UURz-1lb7R5KGiSgEnLcBYOpWT4wzoitITHdl4uWL81M00b3y0L6poSmplkDQAhAec1vC43Qyhc1052UoFjNWtN5oFd-KgWVpQS9I7hKslH4WU3TZmhzJjxX4EP0h0L5sb4AG0m72D3sehqEVsYYkItBs7GzsoyCNeKSDyis0bmRv6z3gN312b-n5ydZVS2-7B8tJfFMYtV0eqME7VdDm0errgmITcJ3c3vfrlUAeGVbvGH6YtZwPMGdsbsWCowOLi4LtHYvuB-wwCgwJzihV-Ov34zmCe0pjw22lYJXiIMasMjKrBh7Oqek_h-MM8dMyzgF4dua5Z_Z2erQbpmKKqgMdvZ78MKN5c0jelC0lZS9NejOrVMf7Lsx0V8RwLYzqRLGEVN_KWojnkEOhraFKoOLOMLOVcUDe6fADNMZlVcINqz1rv0hptkwgvz65FBGsqiOtkTtSoX9VTxX3dBHpie_0ewoGNyaZjSNOZDVx1BTsv8POY-gQ1zYirvcfMq59_-8stOsrnrRjT5NvH0Yce8zxJTwMPWqfzCoRTPZcSacDTtz469G8Osv1Z13Mo4UWp4dMB_RCHNDHYkbLTAyC4MUVm2jWZjUuL0NOaKOltxnAJTpaoPlQaJvv4R2UQomfZCMwHoPaSh_V-PIf0Yk9cAu3puonRvTgD8XLJFHxsOHOnLt7YbKHvXJxtOigBh6PtbIY-VQPakHaRu0jhv9IZSd6ymzCTcuo1Pk0fGk9ThbBrFqPdx5W5ULlSj-ObZZDN73rKoZR_Gop26tvemY8lwjlf26eEH9wPDD6cDyTW_RyTsiPEE941FGNNOgFgc3PIfN-6u8-cQcQVd8FPBpZPZ2yejZcHHWT3LCe4r4W2O0keyZHFWaPfMhSqrH374-WIZXn32eMyWK_1QikOTRSEbF9mE60fwmoRuIJ8ALyhOPqcpoi3hb-njdW5skbo49Lp4NuRkw3SEHtu4CTpYgUJcVR6q5OjRp8G1tLuRejam-cxpxDBV3iGPGy-jp6R5JQz5An6lbQdD-VL4BLTkM5-dD2x93VTVvHTc5JqMhS7DlWd9sABjcGDvDdKITNreraG6uPgFISDNz23H7eqKQastUeDROniXiCqcf6Mll2BYbn8uybhe4oJwxBfcrlrCrihIUUnxrW0fYmBd3lG0S5qazTzn2usLB7ZO9zu5Mi0vXgYwJ5itskim30rl8nSKtIXvn2hxebXGFLyjpoy0eEJnhNVNdsiQ_NcVjk_JUx5pIAa_nNUj11SCYUDzjE1Zs5wmo45UUHPcD87Jk-9-E1fX2UPHkVHdPmNh7tkdZh8C8AjAgzxZYJtxAB26swdUB21ndozJBWPliSueJdQxQ_dTy63-uzabozAoU-_Ae2q93mt9UKXdFA9Nsq-TGfR5k8kZ_W_q57Iep1wDBvFwqpkUaDBN7mCKda_f2TCGp5Nf_Mvz0iP3SjcglH8ca6TwnqI8dPXnAtwZ80wlVj-BESCBKuI634grA4S6j-afoL114QhsKqu_YCelVNT8mfWsV6MA5rO3ZrT1tjPvgXstXCcOzRb_tIWbiRmpElKgkMBB6u__Kd6e98S94QlQK8G4wc7fWFIf9SHEUAFRko27ejKWZJwF7ntQOiFX3IA6XmC6ZVURpZgUzEgbtm9WX3hYaOxl84g-UMuiyo5XhyIkK6zn_vBZ37UdstDJvStt4ch6QdPfapz_HVcNKjLTsb1fZLywuaR5Kn9K48Y8kcq8SJEp9MeOaokq56xi0II8DyYprzoxvKSjKXx45Guz7iGT6T8ebdvv3QPhGquhnDjEMRC4gAeC-KhJqFZjST_sRfW-vuJRyDGSHMuUYXFaTdYOSE7PKRYfdm9DX3vxsgd53fhzB_I4ez-nurcV0eJdWLL-TAx3CWk_GgecWtQV6lD2D2BxigwJWDzLg52C7m4QWHNAKMCaobZceo6gmtLIrBBEUeNwd5FV30feMIccjUolgihgWslHBbmqUqnC5z4QdcCSaSWPyEFE1iPWabOd5YLOE9ZwnH1hbTldI4t7Reg3itAm51WFpYI7ChS2ykEq_9FaLcoQt193eC01E_1GK1jWvFIT_GkLIZ4qpwp9jXOirM42yXt4NluDROp3js6_QROArN7pDgceGp2p93gQZDuiKSfC4cPnlLAtimhJrvF5EgjQm4chferm8_MkWVjwHqoXICyKOjxC3iqN11cc00vySu3vZEHEZhDbthODsUZl8S5tOt4MoywD24o3igT9BtzOqWLkD7UeA6kZxgBsP3VfgfWbv_4IR0F764HV0uS0knZwkPVN6UbHXYmYj6DdHMb0eTbHyiTEaHPalyOanLEoHKFsE9wTmd4WtYXska19TX9aLjsMkeAjYeyzPxa0Us4qxtivu7dWdpuj3VxjG_7OO1Vd4TF6u8ApUqvSAh1bbbIKYJCknD_gB2mXqgaig8lDZMg1Sq9kZaSPxJ7BjtD2V_0ZBF0cGELSMv7eHPMbplifmtBU9-qsF0qYTiDbR8ziJxDxDzjnDUHRin5AAjif7bl6seQv0C273OrDSBkn4Lhazqc4sZ_StZT_8AhhyyV4dx-B00RCHQDGg3-qLJ0Ffoi4WZDfUfhC4WpgTEo29dqomjG1pkGXr3RpVYPCbhO9sHPeCKEArKOUpWxQkKvZv21AczPl1PMmmcpSt1EzNJk2yUC2x45cO_Q&cid=CAQSPADq26N9oMwC_aReAO274NNn730h9rsQOlsfhMj68Euho7aQ1-n9JKFysRT_r9hGKwZce9EEdEFpavVB1RgBIBM&rfl=1%2Chttps%253A%252F%252Fdiariodonordeste.verdesmares.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
6dc0e3aead945b6160bc87da5f4d8fbb043dde5d0bece2aa426fa01895c9e358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 01:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
40417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10849
x-xss-protection
0
server
cafe
etag
7485935580621256062
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 01:31:54 GMT
/
pips.taboola.com/ 		64 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
51eb4811df12afcda583ac8f5e55a7f3882c1e4eeefba9e5f45b4a179693073c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220072-HHN
date
Fri, 06 Jan 2023 12:45:31 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B108 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 08:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
532122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Dec 2023 08:56:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B267 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
86123
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Jan 2023 12:50:08 GMT
etag
48472445140208031
expires
Fri, 06 Jan 2023 12:50:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B108 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5ead7d81c88dd34a6927fbe7a680fb0dfa76b3d7c3307632da7256f4b4f1839

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DB9C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
530383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 31 Dec 2022 09:25:48 GMT
expires
Sun, 31 Dec 2023 09:25:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B267
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEJhqS8EV_CIR7im-YIcnZk&google_cver=1&google_push=AavPq0NUhlt94a9d-27wuDW67g2poD2ih_5O5rs8cNBetpuG3NNeyBkBSdH0YFNhyKnEGCNUxkRlO08RZM8Baxzy9z5unskE8ig
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODczNDAwMTg5ODUyODMyNzgwMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEJhqS8EV_CIR7im-YIcnZk&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEJhqS8EV_CIR7im-YIcnZk&google_cver=1
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEJhqS8EV_CIR7im-YIcnZk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B267
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEOJ5utIFn-0HmNEtBM2Beic&google_cver=1&google_push=AavPq0MfkTh_9sln4x_qUK5RYkvW78MRJXmSmxFL45853UV0oC8vPW4rrJwIHzRTY3cggmtWddOkMx15Hz9G1eqW...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=HIeappVTToeAIIOh90Engw2&google_push=AavPq0MfkTh_9sln4x_qUK5RYkvW78MRJXmSmxFL45853UV0oC8vPW4rrJwIHzRTY3cggmtWddOkMx15Hz9G1eqWdZAreZZpTQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=HIeappVTToeAIIOh90Engw2&google_push=AavPq0MfkTh_9sln4x_qUK5RYkvW78MRJXmSmxFL45853UV0oC8vPW4rrJwIHzRTY3cggmtWddOkMx15Hz9G1eqWdZAreZZpTQ
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 06 Jan 2023 12:45:31 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=HIeappVTToeAIIOh90Engw2&google_push=AavPq0MfkTh_9sln4x_qUK5RYkvW78MRJXmSmxFL45853UV0oC8vPW4rrJwIHzRTY3cggmtWddOkMx15Hz9G1eqWdZAreZZpTQ
x-host
tde-deliveryengine-production-769c9db745-rhfpb
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame B267
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP0K6qbAC0WQUJEC0IiNEJo&google_cver=1&google_push=AavPq0OMVhgblbJqe8zCEA56v2nfkaQ7dg3Pl8dmWsZT0CCPiBhXhdFV9T_CaIlOlwENDEycy0eUZ9a_MPw_Djj0QkyE...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEP0K6qbAC0WQUJEC0IiNEJo&google_cver=1&google_push=AavPq0OMVhgblbJqe8zCEA56v2nfkaQ7dg3Pl8dmWsZT0CCPiBhXhdFV9T_CaIlOlwENDEycy0eUZ9a_MPw_Dj...
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=a18ac6ae-7789-4f67-810c-b4f2049570cf
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=a18ac6ae-7789-4f67-810c-b4f2049570cf
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=1dc162b1-81d4-4eac-8b52-497c1111006a&ssp=google&expires=30&user_group=5&bsw_param=a18ac6ae-7789-4f67-810c-b4f2049570cf
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OMVhgblbJqe8zCEA56v2nfkaQ7dg3Pl8dmWsZT0CCPiBhXhdFV9T_CaIlOlwENDEycy0eUZ9a_MPw_Djj0QkyEKhM6HOE&google_hm=oYrGrneJT2eBDLTyBJVwzw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OMVhgblbJqe8zCEA56v2nfkaQ7dg3Pl8dmWsZT0CCPiBhXhdFV9T_CaIlOlwENDEycy0eUZ9a_MPw_Djj0QkyEKhM6HOE&google_hm=oYrGrneJT2eBDLTyBJVwzw==
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0OMVhgblbJqe8zCEA56v2nfkaQ7dg3Pl8dmWsZT0CCPiBhXhdFV9T_CaIlOlwENDEycy0eUZ9a_MPw_Djj0QkyEKhM6HOE&google_hm=oYrGrneJT2eBDLTyBJVwzw==
date
Fri, 06 Jan 2023 12:45:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame B267
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEENd1eMSPHg1gJVTNLgZjR4&google_cver=1&google_push=AavPq0NG4_mQUfQ-Yu7BkZEu3_w9JyxELPIdjmS1un7G12P4a7CCLkAxrySZc9yFct1oonu67cKbSKeu...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEENd1eMSPHg1gJVTNLgZjR4&google_cver=1&google_push=AavPq0NG4_mQUfQ-Yu7BkZEu3_w9JyxELPIdjmS1un7G12P4a7CCLkAxrySZc9yFct1oonu67cK...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU4NzM3OTIxNDgxODQ0ODc5Mw&google_push=AavPq0NG4_mQUfQ-Yu7BkZEu3_w9JyxELPIdjmS1un7G12P4a7CCLkAxrySZc9yFct1oonu67cKbSK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU4NzM3OTIxNDgxODQ0ODc5Mw&google_push=AavPq0NG4_mQUfQ-Yu7BkZEu3_w9JyxELPIdjmS1un7G12P4a7CCLkAxrySZc9yFct1oonu67cKbSKeugJFMZiABHtDObhSDl6w
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTU4NzM3OTIxNDgxODQ0ODc5Mw&google_push=AavPq0NG4_mQUfQ-Yu7BkZEu3_w9JyxELPIdjmS1un7G12P4a7CCLkAxrySZc9yFct1oonu67cKbSKeugJFMZiABHtDObhSDl6w
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame B267
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kfyb_D9iQGSIidJOmbJW6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kfyb_D9iQGSIidJOmbJW6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0OXzPCkYf84Rr35vMCQAztE_7MBbJRCheJT3e3RcSgwPZ0DvLwaPc3ZJUkPpcCCWk_DWth9EDy5Eld7cNF1_7_awFYzpRE
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=kfyb_D9iQGSIidJOmbJW6Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0OXzPCkYf84Rr35vMCQAztE_7MBbJRCheJT3e3RcSgwPZ0DvLwaPc3ZJUkPpcCCWk_DWth9EDy5Eld7cNF1_7_awFYzpRE
date
Fri, 06 Jan 2023 12:45:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B267
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0PzeygUAS3EWK-M87ETj0Ah2taLvkcmO3XfY7Z6pxmU7yYr7pXUbLxUp3UNHYi-Rn6f-9iQzA3FOIDBSmeymZGMfXjLI5w&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-31e3928e-405e-45a6-a649-2fb9974c4e2c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0PzeygUAS3EWK-M87ETj...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PzeygUAS3EWK-M87ETj0Ah2taLvkcmO3XfY7Z6pxmU7yYr7pXUbLxUp3UNHYi-Rn6f-9iQzA3FOIDBSmeymZGMfXjLI5w&google_hm=AzHjko5AXkWmpkkvuZdMTiw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PzeygUAS3EWK-M87ETj0Ah2taLvkcmO3XfY7Z6pxmU7yYr7pXUbLxUp3UNHYi-Rn6f-9iQzA3FOIDBSmeymZGMfXjLI5w&google_hm=AzHjko5AXkWmpkkvuZdMTiw
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PzeygUAS3EWK-M87ETj0Ah2taLvkcmO3XfY7Z6pxmU7yYr7pXUbLxUp3UNHYi-Rn6f-9iQzA3FOIDBSmeymZGMfXjLI5w&google_hm=AzHjko5AXkWmpkkvuZdMTiw
date
Fri, 06 Jan 2023 12:45:31 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX31e3928e405e45a6a6492fb9974c4e2c003
content-type
text/html
/
onetag-sys.com/match/ Frame B267
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKD-v4oosQKTGz4SKJAfQhA&google_cver=1&google_push=AavPq0O8x2tsp_g-7nqY2u7cDOGBumPS4Gc89OptDSSiSZfkQgp-gblThcMPLhQvUdfcuWYOwUWO4-D8Ju0...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0O8x2tsp_g-7nqY2u7cDOGBumPS4Gc89OptDSSiSZfkQgp-gblThcMPLhQvUdfcuWYOwUWO4-D8Ju0QVf4npCouNE3hzAqQ
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B267 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KfMI4LN4mKPcVrjdMVaWWBqF7DbxXScWVl4apUM3Fxtw7BAKK_Vyw0iMCPXUXwbHXbFd46jA
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68&uad=b8587bd86363574b1501f9b1612ba563d25ec14dba7d3f31efdab950dc5f8a11&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 06 Jan 2023 12:45:31 GMT
cache-control
no-store
server
nginx
index.html
s0.2mdn.net/sadbundle/4169285169137119543/ Frame 6822 		15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4169285169137119543/index.html?e=69&leftOffset=0&topOffset=0&c=JkG2bLbnI2&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cb64cde3e3845ab96b5d720be38f4d0395f778da33403871abfdabe64bac11a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2278
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 12:45:31 GMT
expires
Sat, 06 Jan 2024 12:45:31 GMT
last-modified
Wed, 14 Sep 2022 10:36:23 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B108 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCovh_vCQwbx3TO3ZmjBLuSiof1Wn7Tg31-bkGfR6h96AKo9ryauDvAEU1yjiKJJUuxMMFNj_V_jQ9Pb3VEA0e3-zYqCQcaIqiVrjjwjLWAmokT2xYoA52qoNA6JM0NALZOwF8TGZmor-uj5Bw6oGUL6pStrR2Ux9fNdSVkI8194u59DKQOMPSnUdOPNJN_D18A2rUl68Y5ukIsIfFnv315-6ZRfoh15dz6xUEyIIx3xyw0Qra_--ifoZyFTf2W9CqWH5H_o8oVK637KqfjWHQO9hHju6oGjVelEetg-iSxOO0cbKTMFvxdk7FF3ct7kzaIup7nph7QYUJ08ZhIPPZ-f2CrXDBL7_MprjS92Wo0H2BsQ6gmXVosYHuSvg-qH6yyxGzzhUMNOxSc5m-KSwEonqwKqPU_dHCFoM_ktP7ezwHZ_wPn3r54q6nn1TSjcfcbbJYinIS9D4KcgbBlu8nvQsmMEmXU11z8MyoT-aG4NuAKlU2yTbvhGYUYBOsjW_KaFCoXV5rA-1XJaTwhozGLJ4g6g8RMaYAb3o7_V7pey6vCeqBYIMLhCJ9uLF0OfAywlCikRhQpTitKp_evBAEfE-Haks4AZB8kHAhs2E5d4hhX-xcgOzorsx9pe-CLXm_kzOXvvSd4p1Uyf7mzfY8y6hhZPxfqSWAR8CTkLDD3Zfln2dSit4h2vZyJGy6RU1piVtmGSh4u4XBByGHfDvqff17RoxWzYRghT8CA_ltqe5G2hbeiKz-YzP2YDEh9ZOU5Wt-e55PWtSKQXx3wPqawZYIqi-_q5rgIQm6u3zaBUkmQIl-G2p8es-OTBjKWMVJl6bwld9-Thq30Zf6zqeLW-CX9FxlWUN40Btqq9bX2b6djl129yDsQV_orXzNhFyB_Zd3roLirFcqNgQ3CjoxRrtXF9y9QCvyW85wqHNghMU2EazZor3PYr_8_AdWu4kOd_NHttm9pest2XYekpuD-AjFOv4Fl6ECPB8-FEj1A_kh7AIGQE0YGeA2aqzZW24sUw9j765ElFeV0iqHHEPSmebGujHc6ykcV50eYJZ1hhNevBjVhz0jG2UVB-UY-cdiYpZcaB5eOzo671naEvHGDopaN1xaoi2xxd00JW-DMGnLvRmc8Pp5Op-AW58uTzfuSd2gQ0ZpM-E_zvXiiamRijM4nMVjyQKtM42BN7RPpVVarIMIojZQrVggiiXZhKao4x2KWaL_GiYrh-CIaQ9j-j6nMeWuYsuU5yOpvDsfzzHNoXYtK9nS3FELBdgKjBKdIht2E2XHFnfsMrqZNL_IEy4N-bQC8sRRL9MZ5ILuCnOdrPJXsYqHplHstOn2wNmBLDh9FyLK_b3i289mKaFUIa1FIMrrBMd93NTmbWyLSLuj9TMgk9cerWP1ePH_sT1pUIb1ZmdnOnCcDHmq04C85nQ4ht1QJyskbb2x_OV59LXlzg&sai=AMfl-YSg1tZEGjtmSjnSKf_lKqYxSI27ymcaae-eISimwFHRvk9jr8hxsNmkBpLrrYZjW7oERkWHGeGgTRYrelGXgZI0MpeH8SCtY0twZDnlNllwyYYcMxOYKTQiDOGa0K5zaP0DJLBIPGKAocILTMOJDqW98zDZTN3ieMDv7IWIjCWoBIbSbXZBJ_KJ8eaBGC6WdAweU2YUBF5yDJaJKMlGIne3jT3xn1wrNkSl9FY1MDqAUc1S_7HD4PB0c68zpWzmymWF-LG8XeEDCw&sig=Cg0ArKJSzNXZ31oksAMJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=212&cbvp=1&cstd=206&cisv=r20230104.76103&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 06 Jan 2023 12:45:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 06 Jan 2023 12:45:31 GMT
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame DB9C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 23:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 23:05:30 GMT
1661867165592.css
s0.2mdn.net/sadbundle/4169285169137119543/ Frame 6822 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4169285169137119543/1661867165592.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4169285169137119543/index.html?e=69&leftOffset=0&topOffset=0&c=JkG2bLbnI2&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae821393730d4f47ed22922fdc5f36319c2c66f2d9396da23dfe76771376fa18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4169285169137119543/index.html?e=69&leftOffset=0&topOffset=0&c=JkG2bLbnI2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2411
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 10:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 Jan 2024 23:00:38 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 6822 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4169285169137119543/index.html?e=69&leftOffset=0&topOffset=0&c=JkG2bLbnI2&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4169285169137119543/index.html?e=69&leftOffset=0&topOffset=0&c=JkG2bLbnI2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 13:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 06 Jan 2023 13:02:26 GMT
1661867165592.js
s0.2mdn.net/sadbundle/4169285169137119543/ Frame 6822 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4169285169137119543/1661867165592.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4169285169137119543/index.html?e=69&leftOffset=0&topOffset=0&c=JkG2bLbnI2&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4989bc93c351231cf57c606028d58c3c35ec23a469cfe4475195db035df17fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4169285169137119543/index.html?e=69&leftOffset=0&topOffset=0&c=JkG2bLbnI2&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11482
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 10:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 Jan 2024 23:00:38 GMT
logo.svg
s0.2mdn.net/sadbundle/4169285169137119543/ Frame 6822 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4169285169137119543/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4169285169137119543/1661867165592.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4169285169137119543/1661867165592.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 23:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395093
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1365
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 10:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 Jan 2024 23:00:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DB9C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkU1N6he4Y83vOuvR7_UP5pOeqAkAAAAAOAHgBAI&bg=!q6ilqOzNAAYDMoyoIzI7ACkAdvg8WoSquE8olkNnfAL-_cwX_MpR45FxYSSkpQaKogsoueLAJCBfJAIAAAB0UgAAAARoAQeZAvv5_j9382DHTXTfiM4nYrk_fvR2gN7RPBNdS7qYrLL5WjjyzjEyaGOP4D9TncUpULZqVJ1P01t67_LRmFpeUgNjPiPHcFbzEeLHdVkYLhnNhvNNgguQXFG1TU6mRc5_BqxrY4Dkts0vJbQf1TNM3MehZUH-XJ-McHHffaUroBju7nHyFm2UKnn4V9mDvvMfgBsYqgNlaXqv0EhSOU42XZrdSPyXb4EponXd_7pqev0c27CXSQGHPMyncAwT0NIe0gmLnW4YnqbI968dqZMnuj2x6ZvixcHsLwE5wtle4PJfrdcuoSXoMUdVOR8T6Y7u_EYE-7RHIbmYndCA_Li5vTc_Woq17umwR9zZ8qWlTvWwilLq63X07RVv3ZMI_vhgJq2klOxL2fbnMFgymwcKo4fPUGY3KOxn3tv69yfFVjDDUpeB1NdVCI-8Ft27hqH-7kNF2L_A4URbptynggWgC9tmvptX6tItmBYBp0NYohbpagpRrZhIAjTgixtPIwE3pTqPcs89FXEaY8XJc0eUv0u1OtFH8wA0S2aAUkeLiMDvtaxJTKmAI5Ahvte5LxodxxqYI-0RdnTMhkQBWO8a5VgKL_CaJT16vPNx-_NT_cWT94NZT-VDRtR_L3kgf6ggGicWQz609JHIShnQio3KIfCiEwyCEt_KDkBe9-xvLTGtPiu4IKIGLt8BWLHsSSpABBIyWoqleswQoESko7XkD6FMYFLPR1L3yRJEgzUx1IJ8X6SR6gD3_byuGR6i5_5FxKUWvK2CeM-ytxGVLm1JUWn0HDJZOAbS4-bi6l_OVpbnz40eW96deYjXZihS0w8ELrBw1g4iozzCHh_5kBGkyYMBh6dcupLE-bTfiQH0w92uKFtMulRq5i3LhBn75VtYkAGLDEZ_Pktmv_T_wcDSyYHRjhqiRMjPaRsRAwiWk3-uV94-XnyM4Jdhyxa2P0HE675cEo3fVEl9QsJ5wkQ2h43PCxWpXRFU_JCjVDcOyEp5SE5T3rp9qmmrX3lQ
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B108 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvCovh_vCQwbx3TO3ZmjBLuSiof1Wn7Tg31-bkGfR6h96AKo9ryauDvAEU1yjiKJJUuxMMFNj_V_jQ9Pb3VEA0e3-zYqCQcaIqiVrjjwjLWAmokT2xYoA52qoNA6JM0NALZOwF8TGZmor-uj5Bw6oGUL6pStrR2Ux9fNdSVkI8194u59DKQOMPSnUdOPNJN_D18A2rUl68Y5ukIsIfFnv315-6ZRfoh15dz6xUEyIIx3xyw0Qra_--ifoZyFTf2W9CqWH5H_o8oVK637KqfjWHQO9hHju6oGjVelEetg-iSxOO0cbKTMFvxdk7FF3ct7kzaIup7nph7QYUJ08ZhIPPZ-f2CrXDBL7_MprjS92Wo0H2BsQ6gmXVosYHuSvg-qH6yyxGzzhUMNOxSc5m-KSwEonqwKqPU_dHCFoM_ktP7ezwHZ_wPn3r54q6nn1TSjcfcbbJYinIS9D4KcgbBlu8nvQsmMEmXU11z8MyoT-aG4NuAKlU2yTbvhGYUYBOsjW_KaFCoXV5rA-1XJaTwhozGLJ4g6g8RMaYAb3o7_V7pey6vCeqBYIMLhCJ9uLF0OfAywlCikRhQpTitKp_evBAEfE-Haks4AZB8kHAhs2E5d4hhX-xcgOzorsx9pe-CLXm_kzOXvvSd4p1Uyf7mzfY8y6hhZPxfqSWAR8CTkLDD3Zfln2dSit4h2vZyJGy6RU1piVtmGSh4u4XBByGHfDvqff17RoxWzYRghT8CA_ltqe5G2hbeiKz-YzP2YDEh9ZOU5Wt-e55PWtSKQXx3wPqawZYIqi-_q5rgIQm6u3zaBUkmQIl-G2p8es-OTBjKWMVJl6bwld9-Thq30Zf6zqeLW-CX9FxlWUN40Btqq9bX2b6djl129yDsQV_orXzNhFyB_Zd3roLirFcqNgQ3CjoxRrtXF9y9QCvyW85wqHNghMU2EazZor3PYr_8_AdWu4kOd_NHttm9pest2XYekpuD-AjFOv4Fl6ECPB8-FEj1A_kh7AIGQE0YGeA2aqzZW24sUw9j765ElFeV0iqHHEPSmebGujHc6ykcV50eYJZ1hhNevBjVhz0jG2UVB-UY-cdiYpZcaB5eOzo671naEvHGDopaN1xaoi2xxd00JW-DMGnLvRmc8Pp5Op-AW58uTzfuSd2gQ0ZpM-E_zvXiiamRijM4nMVjyQKtM42BN7RPpVVarIMIojZQrVggiiXZhKao4x2KWaL_GiYrh-CIaQ9j-j6nMeWuYsuU5yOpvDsfzzHNoXYtK9nS3FELBdgKjBKdIht2E2XHFnfsMrqZNL_IEy4N-bQC8sRRL9MZ5ILuCnOdrPJXsYqHplHstOn2wNmBLDh9FyLK_b3i289mKaFUIa1FIMrrBMd93NTmbWyLSLuj9TMgk9cerWP1ePH_sT1pUIb1ZmdnOnCcDHmq04C85nQ4ht1QJyskbb2x_OV59LXlzg&sai=AMfl-YSg1tZEGjtmSjnSKf_lKqYxSI27ymcaae-eISimwFHRvk9jr8hxsNmkBpLrrYZjW7oERkWHGeGgTRYrelGXgZI0MpeH8SCtY0twZDnlNllwyYYcMxOYKTQiDOGa0K5zaP0DJLBIPGKAocILTMOJDqW98zDZTN3ieMDv7IWIjCWoBIbSbXZBJ_KJ8eaBGC6WdAweU2YUBF5yDJaJKMlGIne3jT3xn1wrNkSl9FY1MDqAUc1S_7HD4PB0c68zpWzmymWF-LG8XeEDCw&sig=Cg0ArKJSzNXZ31oksAMJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=400&vt=11&dtpt=188&dett=3&cstd=206&cisv=r20230104.76103&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 06 Jan 2023 12:45:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c7fef804a151e6a23eae3ab777abf179634e8c7c0c82db022d918aaa1b38fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11237
x-xss-protection
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=AAB901C007F44A67B586C282F1917E6F&RedC=c.clarity.ms&MXFR=38A9455BC85B6F153DF357CACC5B6129
  • https://c.clarity.ms/c.gif?CtsSyncId=AAB901C007F44A67B586C282F1917E6F&MUID=00428D9D6F3F674B33029F0C6EB46624
42 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=AAB901C007F44A67B586C282F1917E6F&MUID=00428D9D6F3F674B33029F0C6EB46624
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:30 GMT
last-modified
Thu, 05 Jan 2023 17:40:42 GMT
server
Microsoft-IIS/10.0
etag
"d59a6ed52c21d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A9089E7FE5764386B509191F59274570 Ref B: FRA31EDGE0508 Ref C: 2023-01-06T12:45:31Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=AAB901C007F44A67B586C282F1917E6F&MUID=00428D9D6F3F674B33029F0C6EB46624
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ingest.php
events.newsroom.bi/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.112.233 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Jan 2023 12:45:31 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 6822 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4169285169137119543/1661867165592.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 19:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
320268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 19:47:43 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6822 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49e3b440aac254f624d681b9096f341d0b8b55f519654125872f9e1a287f8877
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5756
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6822 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 12:45:31 GMT
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 6822 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4169285169137119543/1661867165592.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4169285169137119543/1661867165592.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:38:32 GMT
x-content-type-options
nosniff
age
419
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 06 Jan 2023 12:53:32 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 6822 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4169285169137119543/1661867165592.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4169285169137119543/1661867165592.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:38:41 GMT
x-content-type-options
nosniff
age
410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 06 Jan 2023 12:53:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 12:45:31 GMT
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 22DE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 23:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 23:05:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BDF4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6772
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 10:52:39 GMT
expires
Sat, 06 Jan 2024 10:52:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F059 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e6af27034814713cdcefafc1a3a40467202fecb8e04f32bbf067d51d139b8419
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7HKe2VedxmsZz3bv7Ooz3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-7HKe2VedxmsZz3bv7Ooz3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 12:45:31 GMT
expires
Fri, 06 Jan 2023 12:45:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiJoXzQ2MHg3MDBfMjIxMC1hbmYtbS1pY29uczdiODMzMzZkLTE0ZDQtNDMxZi05YTViLTkwNjY1OWM4ZmQxMS5wbmciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjE5N...
d27rf63iunghx1.cloudfront.net/ Frame 6822 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d27rf63iunghx1.cloudfront.net/eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiJoXzQ2MHg3MDBfMjIxMC1hbmYtbS1pY29uczdiODMzMzZkLTE0ZDQtNDMxZi05YTViLTkwNjY1OWM4ZmQxMS5wbmciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjE5NDAsImhlaWdodCI6MTgwLCJmaXQiOiJpbnNpZGUifX19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:4a00:15:6513:6d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
74bb549f0ebefbd7dd43ec069e9a11bf9dc4e26b82c56806f322dbb6ed83cd19

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:11:13 GMT
via
1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
age
246858
x-amzn-requestid
8a4904b4-705e-43bf-a18e-4b4ec3be2e50
x-cache
Hit from cloudfront
x-amz-apigw-id
eLIBRFVnFiAFtjg=
content-length
34129
last-modified
Tue, 22 Nov 2022 15:10:18 GMT
x-amzn-trace-id
Root=1-63b453a1-75fe28821327b8cd127a78f0
access-control-allow-methods
GET
content-type
png
access-control-allow-origin
*
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
ImmHfbFggaezZmYeaazff1ofMb3o1M6M6bdHxI5Jnda4ZbeU8St97w==
eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiI3MjB4NjEwX3N0b2VyZXItZ2JwbHVzXzJ6ZWlsaWc1YzY3ZDhjZi03MDk0LTQ2ZGYtYmM1NS1iM2ZkYTRkODJhZDgucG5nIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoI...
d27rf63iunghx1.cloudfront.net/ Frame 6822 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d27rf63iunghx1.cloudfront.net/eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiI3MjB4NjEwX3N0b2VyZXItZ2JwbHVzXzJ6ZWlsaWc1YzY3ZDhjZi03MDk0LTQ2ZGYtYmM1NS1iM2ZkYTRkODJhZDgucG5nIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoIjoxOTQwLCJoZWlnaHQiOjE4MCwiZml0IjoiaW5zaWRlIn19fQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:4a00:15:6513:6d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3238f7245bfd8b76ecab5ba2dc75f683b5c1a8e342e30db6bf79656fb5dc673b

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:11:13 GMT
via
1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
age
246858
x-amzn-requestid
87cb670a-2872-4071-a1dd-f83d67d6df87
x-cache
Hit from cloudfront
x-amz-apigw-id
eLIBRHNaFiAFkew=
content-length
28873
last-modified
Tue, 22 Nov 2022 15:10:17 GMT
x-amzn-trace-id
Root=1-63b453a1-5aa16d5d6a79a93d2696bdf6
access-control-allow-methods
GET
content-type
png
access-control-allow-origin
*
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
yYZisrCAVtyqVC99xpec71xL1itiRRwmVAAQ-tpl61Dts7jjDMsyjQ==
sodar
pagead2.googlesyndication.com/pagead/ Frame F059 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=4223761826808341&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame BDF4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 23:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 23:05:30 GMT
eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiJoXzQ2MHg3MDBfMjIxMC1hbmYtbS1pY29uczdiODMzMzZkLTE0ZDQtNDMxZi05YTViLTkwNjY1OWM4ZmQxMS5wbmciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjE5N...
d27rf63iunghx1.cloudfront.net/ Frame 6822 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d27rf63iunghx1.cloudfront.net/eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiJoXzQ2MHg3MDBfMjIxMC1hbmYtbS1pY29uczdiODMzMzZkLTE0ZDQtNDMxZi05YTViLTkwNjY1OWM4ZmQxMS5wbmciLCJlZGl0cyI6eyJyZXNpemUiOnsid2lkdGgiOjE5NDAsImhlaWdodCI6MTgwLCJmaXQiOiJpbnNpZGUifX19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:4a00:15:6513:6d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
74bb549f0ebefbd7dd43ec069e9a11bf9dc4e26b82c56806f322dbb6ed83cd19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:13:18 GMT
via
1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
age
246733
x-amzn-requestid
cfabc8a5-9a04-4d9c-bcd1-77722c713b2f
x-cache
Hit from cloudfront
x-amz-apigw-id
eLIUxG1bFiAFWrw=
content-length
34129
last-modified
Tue, 22 Nov 2022 15:10:18 GMT
x-amzn-trace-id
Root=1-63b4541e-4d15652d2722a3073abad8da
access-control-allow-methods
GET
content-type
png
access-control-allow-origin
*
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
ARmO3US82UNtDS9RDMQQC1Yh1BK2MtF4oDbr8E7DQjGDqVaX0EF_Ug==
generate_204
tpc.googlesyndication.com/ Frame BDF4 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bizhTQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 07 Jan 2023 12:45:32 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B108 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGSfvWaiBRK26iZRlcNytFPPWRA18svWdAjyaOuvprAGn8zhBZF66sLQbM0hkSQ7UVOFCEwr_DcyFmLRsZgsfQ9VNzWz5-TOAab7RlovbI3xdm0lcCNPJaHNi1-SjCKOdfw--JMQ&sai=AMfl-YSBQG6eKCkK-OEJvcMBJxV1iDR5k7VJw4hn4f-LnCwPc7yAJpx6su50c5Jbigl_VOmu-j5BLbEqh3b4b_XS_EvL-hmtxenI8GcBK-lJVDgRvq05UYiDLgxsDbeHq9w&sig=Cg0ArKJSzJQVv6R-fUknEAE&cid=CAQSPADq26N9oMwC_aReAO274NNn730h9rsQOlsfhMj68Euho7aQ1-n9JKFysRT_r9hGKwZce9EEdEFpavVB1RgBIBM&id=lidar2&mcvt=1000&p=1107,315,1197,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=614391757&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673009130246&rpt=847&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame DE5A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=diariodonordeste.verdesmares.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 12:45:31 GMT
server
Kestrel
server-processing-duration-in-ticks
839032
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 07 Jan 2023 12:45:32 GMT
sid
mug.criteo.com/ Frame DE5A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=verdesmares.com.br&sn=ChromeSyncframe&so=0&topUrl=diariodonordeste.verdesmares.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=f3vBR3xmR01wTG9TQlAyVVlGT1RsUEQwQ0VQYWp1bTJHZW8xQjZBN3k3Sm1iRWFvM3ZRaGM3K01uK0RlNE9lRS80d25MQmY4a1Q1bUZMMVNBTnRXMTRueW51alZ1N0lyTjZ6SmE5bjNNMU16UVRaWllZUjVBdWNIbzdnby...
449 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=f3vBR3xmR01wTG9TQlAyVVlGT1RsUEQwQ0VQYWp1bTJHZW8xQjZBN3k3Sm1iRWFvM3ZRaGM3K01uK0RlNE9lRS80d25MQmY4a1Q1bUZMMVNBTnRXMTRueW51alZ1N0lyTjZ6SmE5bjNNMU16UVRaWllZUjVBdWNIbzdnbytGY0xKelduMm45L08rTmE2VG9yeDZic3o4ekRkRjFQOTc5a1FORUtYYURSWEk0aGxZYWc4NDJqc2xTMmxIMnVQVXhVbjVJdmFPTzNaQm05RmJmZmMySUIxM25FUzB1alBkRXN5WUVzQTZYS3FMSWlubEtwRVlheUNjdUJQRGtRYjNsVnE5cWNCZG9ySDliRnhEZm4rLzhXSmh2cFgyMjcwa2M1UG1Odjd5NXFvTUoyVktUcz18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
14514b76463d056766a187bf54059acaf1ff05146169cc33998d286dc58a2cb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2485548
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=f3vBR3xmR01wTG9TQlAyVVlGT1RsUEQwQ0VQYWp1bTJHZW8xQjZBN3k3Sm1iRWFvM3ZRaGM3K01uK0RlNE9lRS80d25MQmY4a1Q1bUZMMVNBTnRXMTRueW51alZ1N0lyTjZ6SmE5bjNNMU16UVRaWllZUjVBdWNIbzdnbytGY0xKelduMm45L08rTmE2VG9yeDZic3o4ekRkRjFQOTc5a1FORUtYYURSWEk0aGxZYWc4NDJqc2xTMmxIMnVQVXhVbjVJdmFPTzNaQm05RmJmZmMySUIxM25FUzB1alBkRXN5WUVzQTZYS3FMSWlubEtwRVlheUNjdUJQRGtRYjNsVnE5cWNCZG9ySDliRnhEZm4rLzhXSmh2cFgyMjcwa2M1UG1Odjd5NXFvTUoyVktUcz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
700098
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=4223761826808341&bg=!rK-lr-vNAAYDMoyoIzI7ACkAdvg8WjD5gUqPZ42gqFDC-mXKd51dgeqWGMtaIpd3KTnMRxR06RUVZgIAAABPUgAAAAZoAQeZAqMVtzfmJ-U0pLmsLESafyVS7MtsZScZT-9wvVj8apx_ff9yf-CId8pO_mZBucxiqosPy5N10yaBtFxa4kkAc1q7_oS56M5mrfmGHtly-7nSHoVzBXjyWdq6DkMU5Hv41cPGfQgUiMzgnZ4MORzkAb2LvTehekKV9fF-4uQD-bJkQ9bKNnXvEevDObb6eFUtjuWnmlmxJKoCOUt205da8TIgVJoL59Zyy27tydqgXs049v7OBOnIHFQh0IaEPEux6vonH8s5UF8Ud8Len641j4dw8gv-nTg0lGZJSJPtBob7HV6FZ23-ISAqzvdCE0ev5GlqOUZoahpN1txSWxfxpvy5o5hHCBQLVtjSktMTtLlWvkfLWS-0sHP_5UN3TWuoisDTeOkSp31QgmWWXGkAVgYXSgoeEVBFyenC00scH2dfOsMqm_192RrevisKOIw6JnGZ83Q3_lZKWu6B6AaMx5r5qI_-g97uxVwceYe0L_tan_IrrCGj8vRQoXySCG2vf8EykrdzDuha1oqx0qas-FHPhQ7vSMLG1zdNnf1_hklpKqjDt9XECwf7-AMvsTNFjnX3gfMHn1w9bBuCKYEn5l11KbhN1WoVDC1jrIEiJXL51IVUXm0nkJqCzNyTavxylMg4Ir7frCmNJ3j2pb29SUiBn-ykoNrmhztJ2lDqvY3CRnM_OUnA5SQ30TyFMYdcbmf0W8jkMiW0ohE7rb7vvC7iNuIBw9l1S_EwNAu4k1QMM3PtLebJZfwyMt01EFb07eNtGhQzCW4HrRlcYLNuSACndiBoCPTTVA6v-k2ENyYRsqoD4OgCCb23BNU2D3hSZhpRO3R85cwKGca8XIEXlefShXqFfV2lAGlRD3VWmxW8gBwxPSFaSScBANUv0W9PnM1xuck
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
46575
tag.navdmp.com/u/ 		497 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/46575
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 26 Aug 2022 15:00:58 GMT
server
cloudflare
etag
W/"6308e02a-1f1"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
78548d318ea09259-FRA
expires
Fri, 06 Jan 2023 13:45:34 GMT
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/24efd11c-063c-46de-9749-1636434fcb6c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Fri, 06 Jan 2023 12:45:34 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
7M143009WAXN3Q25
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
STRx0Ic7Ail0QBZUMyPwaOMFfBJYtqEH2QK9RThy959S4vh7bnHagkR7gXzbW7US0LujPxZb7RI=
fpc
at.teads.tv/ 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_13576&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.69.48 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-48.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 12:45:34 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://diariodonordeste.verdesmares.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Fri, 06 Jan 2023 12:45:34 GMT
usr
usr.navdmp.com/ 		1 KB
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ae2d279bfef2ba78509baf464d2f725aa12acde5cd0df6d8bae0ca86a7f6d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Fri, 06 Jan 2023 12:45:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
78548d32982a9259-FRA
expires
Fri, 06 Jan 2023 13:45:34 GMT
req
cdn.navdmp.com/ 		6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&id=1207f10f7fc5f4fd6f23e7f74b10%7C0&acc=46575&tit=Di%25E1rio%2520do%2520Nordeste%2520-%2520%25DAltimas%2520not%25EDcias%2520de%2520Fortaleza%252C%2520Cear%25E1%252C%2520Brasil&url=https%253A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&upd=1&new=1&h1=PONTOPODER
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
78548d33a9359259-FRA
content-length
6
content-type
application/x-javascript
sync
sync.navdmp.com/
Redirect Chain
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=75
  • https://ad.sxp.smartclip.net/sync?type=red&dsp=75&ang_testid=1
  • https://sync.navdmp.com/sync?prtid=25&sclid=accc09dc-ee17-b863-7187-8edb5b5fdab6
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.navdmp.com/sync?prtid=25&sclid=accc09dc-ee17-b863-7187-8edb5b5fdab6
Protocol
H2
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
78548d34aa5d9259-FRA
content-length
6
content-type
application/javascript

Redirect headers

date
Fri, 06 Jan 2023 12:45:34 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.navdmp.com/sync?prtid=25&sclid=accc09dc-ee17-b863-7187-8edb5b5fdab6
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
sync.navdmp.com/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/DuqQKWX7/?redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D17%26tubid%3D%24%7BTM_USER_ID%7D&_test=Y7gX7gAJr0HIjwAp
  • https://sync.navdmp.com/sync?prtid=17&tubid=Y7gX7gAJr0HIjwAp&_test=Y7gX7gAJr0HIjwAp
6 B
80 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.navdmp.com/sync?prtid=17&tubid=Y7gX7gAJr0HIjwAp&_test=Y7gX7gAJr0HIjwAp
Protocol
H2
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
78548d34fac59259-FRA
content-length
6
content-type
application/javascript

Redirect headers

x-served-by
cache-hhn-etou8220025-HHN
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1673009135.852840,VS0,VE0
x-cache
HIT
location
https://sync.navdmp.com/sync?prtid=17&tubid=Y7gX7gAJr0HIjwAp&_test=Y7gX7gAJr0HIjwAp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
navegg.php
gu.dyntrk.com/dp/ 		0
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gu.dyntrk.com/dp/navegg.php?pid=nav3gg&uid=77442649983
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.160.77 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3195934.ip-135-125-160.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:34 GMT
content-encoding
gzip
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
tpid=77442649983
sync.crwdcntrl.net/map/c=15478/tp=NVEG/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=77442649983?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.185.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-185-121.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.65
content-length
49
expires
0
31435
tags.bluekai.com/site/ 		62 B
227 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/31435?id=77442649983&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 06 Jan 2023 12:45:34 GMT
content-length
62
content-type
image/gif
cm
trc.taboola.com/sg/navegg/1/ 		43 B
341 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/sg/navegg/1/cm
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:34 GMT
via
1.1 varnish
x-served-by
cache-hhn-etou8220091-HHN
server
nginx
x-timer
S1673009135.661430,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ 		0
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=1207f10f7fa2fd684f7a85e55f10
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.78.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-78-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
beacon-n009-dub-prod.krxd.net
date
Fri, 06 Jan 2023 12:45:34 GMT
cache-control
private, no-cache, no-store
x-request-time
D=36 t=1673009134
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
sync.navdmp.com/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=822&dpuuid=77442649983&redir=https%3A//sync.navdmp.com/sync%3Fid%3D77442649983%26adID%3D%24%7BDD_UUID%7D%26img%3D1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=822&dpuuid=77442649983&redir=https%3A//sync.navdmp.com/sync%3Fid%3D77442649983%26adID%3D%24%7BDD_UUID%7D%26img%3D1
  • https://sync.navdmp.com/sync?id=77442649983&adID=25220870053022464214558780979632426501&img=1
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?id=77442649983&adID=25220870053022464214558780979632426501&img=1
Protocol
H2
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:35 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
78548d358b579259-FRA
content-length
43
content-type
image/gif

Redirect headers

DCS
dcs-prod-irl1-1-v045-078626053.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
4TzsnwnXRZk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.navdmp.com/sync?id=77442649983&adID=25220870053022464214558780979632426501&img=1
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.navdmp.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://sync.navdmp.com/sync?appNx=$UID&img=1
  • https://sync.navdmp.com/sync?appNx=4158191924542238869&img=1
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?appNx=4158191924542238869&img=1
Protocol
H2
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:34 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
78548d3449e69259-FRA
content-length
43
content-type
image/gif

Redirect headers

Date
Fri, 06 Jan 2023 12:45:34 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5cd493d2-d785-4549-93cb-967feb07c25c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.navdmp.com/sync?appNx=4158191924542238869&img=1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=u7695wg&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D36%26uid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
Protocol
HTTP/1.1
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:34 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://sync.navdmp.com/sync?prtid=36&uid=[sas_uid]&cklb=1
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:34 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiI3MjB4NjEwX3N0b2VyZXItZ2JwbHVzXzJ6ZWlsaWc1YzY3ZDhjZi03MDk0LTQ2ZGYtYmM1NS1iM2ZkYTRkODJhZDgucG5nIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoI...
d27rf63iunghx1.cloudfront.net/ Frame 6822 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d27rf63iunghx1.cloudfront.net/eyJidWNrZXQiOiJhZGNtcy1tZWRpYS10cmltbWVkLXByb2R1Y3Rpb24iLCJrZXkiOiI3MjB4NjEwX3N0b2VyZXItZ2JwbHVzXzJ6ZWlsaWc1YzY3ZDhjZi03MDk0LTQ2ZGYtYmM1NS1iM2ZkYTRkODJhZDgucG5nIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoIjoxOTQwLCJoZWlnaHQiOjE4MCwiZml0IjoiaW5zaWRlIn19fQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:4a00:15:6513:6d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3238f7245bfd8b76ecab5ba2dc75f683b5c1a8e342e30db6bf79656fb5dc673b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 16:13:21 GMT
via
1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
age
246733
x-amzn-requestid
719e4a80-7768-4675-91bc-c05e938e9c33
x-cache
Hit from cloudfront
x-amz-apigw-id
eLIVPHWNliAFYFg=
content-length
28873
last-modified
Tue, 22 Nov 2022 15:10:17 GMT
x-amzn-trace-id
Root=1-63b45421-31e8a529247e4ab63f69e347
access-control-allow-methods
GET
content-type
png
access-control-allow-origin
*
cache-control
max-age=31536000,public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
YlVeizrx1a15bfdjtuR6ur__l9p8xeGK0tOZfcs-PhahsFbeg34Obg==
dc_oe=ChMIzYzU1_yy_AIV6-i7CB3miQeVEAAYACDg2uxKQhMIrI2V1_yy_AIVj-aaCh1n2Amy;stragg=1;&timestamp=1673009134785;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame B108 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzYzU1_yy_AIV6-i7CB3miQeVEAAYACDg2uxKQhMIrI2V1_yy_AIVj-aaCh1n2Amy;stragg=1;&timestamp=1673009134785;str=Show%20Slide%200;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&domain=diariodonordeste.verdesmares.com.br&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=j3Z39XwxV2JWM0ZsQXBLV1pMRy9IQ0tkU3hCOS9RZ2ZUZzd1SlFWZldSdE0wNE5HY21wa1R6Z3pHUU9kQjBFS1N4WlJadmxmM1h0Ym04a2k5aXI2YU4xMjBVaGttbkUwR0pQclIvWUp3M1h4SmU2ZmdUUEJVaVVBOVdLTk...
474 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=j3Z39XwxV2JWM0ZsQXBLV1pMRy9IQ0tkU3hCOS9RZ2ZUZzd1SlFWZldSdE0wNE5HY21wa1R6Z3pHUU9kQjBFS1N4WlJadmxmM1h0Ym04a2k5aXI2YU4xMjBVaGttbkUwR0pQclIvWUp3M1h4SmU2ZmdUUEJVaVVBOVdLTkZrKzhTUUJXSE1qdGJWK0tRTnFFSVl0QnNNQm40N0dIZjNjOFBCUnJISnZ4VldPMWhBNm1mREhQZ1M5dXA5V0lCb25YN3ZFckI5UGdMOGt1TUZaNzduUWFOZW5pcnVLelhBTTRQd1RrWFRva2lKbnFWRW5OMERqRlh3bXVBN25QcDBXbGptek1VdkRzZzgwbGlpSFRybGsxU3oxdDVHWkNrV1MvR2h3UGYxbTdVMU5NRitSVWJqM3MyVjhnc2MzbXdpbk5rZmlLR3w&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
72693af653139ede0baa62dae577ded6a9012fe8ecffe91d101ec6c7b29686fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4104446
expires
0

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=j3Z39XwxV2JWM0ZsQXBLV1pMRy9IQ0tkU3hCOS9RZ2ZUZzd1SlFWZldSdE0wNE5HY21wa1R6Z3pHUU9kQjBFS1N4WlJadmxmM1h0Ym04a2k5aXI2YU4xMjBVaGttbkUwR0pQclIvWUp3M1h4SmU2ZmdUUEJVaVVBOVdLTkZrKzhTUUJXSE1qdGJWK0tRTnFFSVl0QnNNQm40N0dIZjNjOFBCUnJISnZ4VldPMWhBNm1mREhQZ1M5dXA5V0lCb25YN3ZFckI5UGdMOGt1TUZaNzduUWFOZW5pcnVLelhBTTRQd1RrWFRva2lKbnFWRW5OMERqRlh3bXVBN25QcDBXbGptek1VdkRzZzgwbGlpSFRybGsxU3oxdDVHWkNrV1MvR2h3UGYxbTdVMU5NRitSVWJqM3MyVjhnc2MzbXdpbk5rZmlLR3w&cppv=2
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
542966
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&domain=diariodonordeste.verdesmares.com.br&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://diariodonordeste.verdesmares.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 06 Jan 2023 12:45:34 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
641824
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A8EA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.68.187 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-68-187.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 06 Jan 2023 12:45:34 GMT
ETag
"623de86a-cf34"
Expires
Sat, 07 Jan 2023 12:45:36 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 4D8B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1673009129541
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame D9A4 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 06 Jan 2023 12:45:34 GMT
usync.html
eus.rubiconproject.com/ Frame EBFA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 06 Jan 2023 12:45:34 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=j3Z39XwxV2JWM0ZsQXBLV1pMRy9IQ0tkU3hCOS9RZ2ZUZzd1SlFWZldSdE0wNE5HY21wa1R6Z3pHUU9kQjBFS1N4WlJadmxmM1h0Ym04a2k5aXI2YU4xMjBVaGttbkUwR0pQclIvWUp3M1h4SmU2ZmdUUEJVaVVBOVdLTkZrKzhTUUJXSE1qdGJWK0tRTnFFSVl0QnNNQm40N0dIZjNjOFBCUnJISnZ4VldPMWhBNm1mREhQZ1M5dXA5V0lCb25YN3ZFckI5UGdMOGt1TUZaNzduUWFOZW5pcnVLelhBTTRQd1RrWFRva2lKbnFWRW5OMERqRlh3bXVBN25QcDBXbGptek1VdkRzZzgwbGlpSFRybGsxU3oxdDVHWkNrV1MvR2h3UGYxbTdVMU5NRitSVWJqM3MyVjhnc2MzbXdpbk5rZmlLR3w&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 06 Jan 2023 12:45:34 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
471051
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame A8EA 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 12:45:34 GMT
AN-X-Request-Uuid
53434a93-bc0f-40fe-8fe2-4924646ef3ce
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame EBFA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f3f47120adc3630d0df29449d4cf2fd3bde9022d98c882f8cc342902039c0cdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 12:45:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Jan 2023 19:11:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23156
Connection
keep-alive
Content-Length
10066
Expires
Fri, 06 Jan 2023 19:11:31 GMT
tap.php
pixel.rubiconproject.com/ Frame EBFA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDwWRRKWzghVKQYv4v7HhE8&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDwWRRKWzghVKQYv4v7HhE8&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDwWRRKWzghVKQYv4v7HhE8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EBFA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENLSUZVNFctMTgtMUJKSA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENLSUZVNFctMTgtMUJKSA==
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENLSUZVNFctMTgtMUJKSA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame EBFA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 06 Jan 2023 12:45:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame EBFA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XD6x-noULzW8RFsdfa-Xssn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NxDzq9ZE2oJKypVElaqf5cxsf9dMZLPI4URuCw--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NxDzq9ZE2oJKypVElaqf5cxsf9dMZLPI4URuCw--~A
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 06 Jan 2023 12:45:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NxDzq9ZE2oJKypVElaqf5cxsf9dMZLPI4URuCw--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame EBFA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=o4W_-HI_RnuwIKgzEET3rg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=o4W_-HI_RnuwIKgzEET3rg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=o4W_-HI_RnuwIKgzEET3rg
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 12:45:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
26TNMH2NGCK9KFVRZTQY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=o4W_-HI_RnuwIKgzEET3rg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame EBFA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCKIFU4W-18-1BJH
0
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCKIFU4W-18-1BJH
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:35 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E8FA9893D9E44A3EBBDC809B66D3AE23 Ref B: FRAEDGE1516 Ref C: 2023-01-06T12:45:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxl8s6viKLdoE6Y4/8dw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCKIFU4W-18-1BJH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame EBFA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzZlZjlkNGI2MjRjZjE0YTgwMGQ0ZjcyYjBjZmUyYmFkODhhMDhlZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzZlZjlkNGI2MjRjZjE0YTgwMGQ0ZjcyYjBjZmUyYmFkODhhMDhlZQ
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzZlZjlkNGI2MjRjZjE0YTgwMGQ0ZjcyYjBjZmUyYmFkODhhMDhlZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame EBFA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GGsSp19vRMqhKkEJGLHPPA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GGsSp19vRMqhKkEJGLHPPA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GGsSp19vRMqhKkEJGLHPPA
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 12:45:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z4145DCHKN3B3X306X3A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GGsSp19vRMqhKkEJGLHPPA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame A8EA 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 12:45:35 GMT
AN-X-Request-Uuid
c2198c3b-5901-4f7c-8cb7-ed976e14032f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
e.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.7.1/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
date
Fri, 06 Jan 2023 12:45:36 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
dc_oe=ChMIzYzU1_yy_AIV6-i7CB3miQeVEAAYACDg2uxKQhMIrI2V1_yy_AIVj-aaCh1n2Amy;met=1;&timestamp=1673009141484;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame B108 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzYzU1_yy_AIV6-i7CB3miQeVEAAYACDg2uxKQhMIrI2V1_yy_AIVj-aaCh1n2Amy;met=1;&timestamp=1673009141484;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ingest.php
events.newsroom.bi/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.112.233 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Jan 2023 12:45:46 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
dc_oe=ChMIzYzU1_yy_AIV6-i7CB3miQeVEAAYACDg2uxKQhMIrI2V1_yy_AIVj-aaCh1n2Amy;met=1;&timestamp=1673009151479;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame B108 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzYzU1_yy_AIV6-i7CB3miQeVEAAYACDg2uxKQhMIrI2V1_yy_AIVj-aaCh1n2Amy;met=1;&timestamp=1673009151479;eid1=2;ecn1=0;etm1=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s43-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:45:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ingest.php
events.newsroom.bi/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.112.233 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Jan 2023 12:46:01 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://diariodonordeste.verdesmares.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-max-age
600
age
0
content-length
0
date
Fri, 06 Jan 2023 12:46:02 GMT
server
ATS/9.1.10.25
prebid-request
onetag-sys.com/ 		15 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
prg.smartadserver.com/prebid/ 		296 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
8abb6bf1017c9508b256a3bc46cfdccc62eaf38ceee24d8ee7ce7abc849e4227

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:46:02 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		114 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae040633d0b8edba169cc3ffb349bf0c6196574ff717b4bbf4b8cf850deec002

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 06 Jan 2023 12:46:02 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: P_DIARIO_DO_NORDESTE_HEADERSTICKY_0, Process Seats Booster. unable to get the seat booster engine for organization: 1048
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78548de189db9090-FRA
expires
0
auction
tlx.3lift.com/header/ 		19 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.26.0&referrer=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&tmax=2500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.180.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-180-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:46:02 GMT
accept-ch
sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
content-type
application/json; charset=utf-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
11cef47a5d76dc0eddca842f7b25b92f2758ee41755286394bc47ecd8c09f107
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 06 Jan 2023 12:46:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.20; 217.114.218.20; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2c7b871d-3726-4d23-bf11-2a45c069f6d2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://diariodonordeste.verdesmares.com.br
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pb
ad.360yield.com/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.139.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-139-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
date
Fri, 06 Jan 2023 12:46:02 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cdb
bidder.criteo.com/ 		210 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=185&av=34&wv=7.26.0&cb=96318997464
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
d52c4ecae22296f543f5cdf8798f5ca867a1a22533bdedf5a9effe627e8ac5c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Jan 2023 12:46:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
198
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
233b9d6376601268b84443914ba9c3a6123a06916372270e011acfed1f2cf852

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 06 Jan 2023 12:46:02 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-allow-credentials
true
content-length
66
fastlane.json
fastlane.rubiconproject.com/a/api/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=278982&zone_id=1419332&size_id=2&alt_size_ids=55%2C58&rp_schain=1.0,1!premiumads.com.br,ad245932-5fbb-4643-888f-058ed0a9f623,1,8a184047-88f4-4d36-96d5-41cb8fbb67a3,,&eid_criteo.com=1LPDPl9KNVNmMFdsb2kzV2N2dVVzeUNZYzNsNnU4WVF6a241RTRBTDE4WEJIVTVEZHJzUGNMYnJyd3RLb3J1RSUyRkhXJTJGNEcxMWljM05tWFhEajlwR0FyYnZsa0cwR0hpSEFwUDNUN1ZZNzUwMXM5NUZhJTJGNmZNOWdCWDNJTk1EOFdkQ1BiOA%5E1&eid_navegg.com=1207f10f7f383e7f058120c90e10%5E1&rf=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&tg_i.pbadslot=%2F75894840%2C1028625%2FDIARIO_DO_NORDESTE_HEADERSTICKY%23P_DIARIO_DO_NORDESTE_HEADERSTICKY_0&tk_flint=pbjs_lite_v7.26.0&x_source.tid=fdfb8cbf-5854-407a-b22d-04b5774009c8&l_pb_bid_id=50ce46f27af5198&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.0754&rp_maxbids=1&p_gpid=%2F75894840%2C1028625%2FDIARIO_DO_NORDESTE_HEADERSTICKY%23P_DIARIO_DO_NORDESTE_HEADERSTICKY_0&slots=1&rand=0.5785211352765887
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c0e9a6b1f9e8f8a90c7435c24b83a489dd2c42e37ddc27abec411dd3df63a5d9

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:46:02 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
events
bidder.criteo.com/csm/ 		0
236 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 06 Jan 2023 12:46:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		691 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?countrycode=DE
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::42 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
21bdac7561ae9a0316f34be946336cae36932ea757182e711839d6c26d54c67f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=diariodonordeste.verdesmares.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=diariodonordeste.verdesmares.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4223761826808341&correlator=3014994556557024&eid=31071145%2C31071299%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fif&iu_parts=75894840%3A1028625%2CDIARIO_DO_NORDESTE_HEADERSTICKY&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C1000x90&ifi=10&adks=614391757&didk=4147171542&sfv=1-0-40&fsbs=1&ris=33&rcs=1&prev_scp=data_type%3Danchor%26pp_sticky%3Dbottom%26pp_refresh%3Dtrue%26pp_loop%3D01%26pp_pb%3D0.40%26hb_adomain%3Dnh-hotels.de%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.20%26hb_adid%3D52094e66d7887ff%26hb_bidder%3Drubicon&eri=1&cust_params=url%3Ddiariodonordeste.verdesmares.com.br%26categoria%3Dhome&sc=1&cookie=ID%3Dbf601a7e86c5b645%3AT%3D1673009128%3AS%3DALNI_MZm5YoR79HCQBJOqbPKu8cGRIl4Og&gpic=UID%3D00000b9e30be1ec8%3AT%3D1673009128%3ART%3D1673009128%3AS%3DALNI_MZ-ut7aKFxLWH-FoDXVt88zzLZt_Q&arp=1&abxe=1&dt=1673009162748&lmt=1673009162&dlt=1673009126853&idt=1735&adxs=315&adys=1095&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdiariodonordeste.verdesmares.com.br%2F&frm=20&vis=1&psz=1000x-1&msz=1000x-1&fws=512&ohw=0&ga_vid=1897933078.1673009129&ga_sid=1673009129&ga_hid=712901505&ga_fc=true&ga_cid=467650393.1673009129
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70c825f3dd4d1f91d45f4cac979ab017acc42e82a8bc4644699e6eadff0400fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9631
x-xss-protection
0
google-lineitem-id
6007769249
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138391298280
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cri
match.prod.bidr.io/cookie-sync/ 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dnkdjol9zTkklMkZ5NFRFb0E3ZDFmR1pqVmNub3klMkY3OVBMb2ZQN1RtOWdkOVBJMzU3VSUzRA%26u%3d%24%7bUSER_ID%7d&gdpr=false&consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.69.248 -, , ASN (),
Reverse DNS
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 06 Jan 2023 12:46:03 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=Nz5RG19qMSUyQlE0VWtHb1RGczlRZzRTdWN6YjJVM055VHZzOUJwT29jY0lqRUlGU1UlM0Q&gdpr=false&gdpr_consent=&us_privacy=&cr_user_id=k-dLbpNKIe7Z8ISyKz66OEDQO...
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a18ac6ae-7789-4f67-810c-b4f2049570cf&ssp=criteo&gdpr=false&gdpr_consent=
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a18ac6ae-7789-4f67-810c-b4f2049570cf&ssp=criteo&gdpr=false&gdpr_consent=
Protocol
H2
Server
34.98.67.61 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:46:03 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a18ac6ae-7789-4f67-810c-b4f2049570cf&ssp=criteo&gdpr=false&gdpr_consent=
date
Fri, 06 Jan 2023 12:46:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dBCxEK19uSm5nUDVGb1ZZS1ZQWm1NMUw5RXBkYUpMbEF3QVdpRjFUR2tFOUU0WHRjJTNE%26u%3d%3cTUID%3...
  • https://ssp-sync.criteo.com/user-sync/match?p=BCxEK19uSm5nUDVGb1ZZS1ZQWm1NMUw5RXBkYUpMbEF3QVdpRjFUR2tFOUU0WHRjJTNE&u=b8d7e218-1be3-43bf-b7b6-a02ee7c1a549-tuctab19d8b
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=BCxEK19uSm5nUDVGb1ZZS1ZQWm1NMUw5RXBkYUpMbEF3QVdpRjFUR2tFOUU0WHRjJTNE&u=b8d7e218-1be3-43bf-b7b6-a02ee7c1a549-tuctab19d8b
Protocol
H2
Server
2a02:2638::42 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diariodonordeste.verdesmares.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:02 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=BCxEK19uSm5nUDVGb1ZZS1ZQWm1NMUw5RXBkYUpMbEF3QVdpRjFUR2tFOUU0WHRjJTNE&u=b8d7e218-1be3-43bf-b7b6-a02ee7c1a549-tuctab19d8b
date
Fri, 06 Jan 2023 12:46:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27693
activeview
pagead2.googlesyndication.com/pcs/ Frame B108 		0
0
container.html
576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7EB5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 12:45:28 GMT
expires
Sat, 06 Jan 2024 12:45:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7EB5 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 08:20:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
102347
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 05 Jan 2024 08:20:16 GMT
pbuc-min.js
static.premiumads.com.br/pbjs/ Frame 7EB5 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.premiumads.com.br/pbjs/pbuc-min.js?v=20220221
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c7c82034d05942708d9b34d82fb3199b70e0faad83e609ee549db028314acb48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Feb 2022 19:12:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
745994
etag
W/"9cf2b4ef5627d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLaxYeNj8HrulJLfzOgmNPEHfzM7%2FQkn2PKrXdcoR47kqFXXFZ0YN1LPzUh85szsqK0Q1QUQu%2FaH7NmRuaeMztipb9nPoNF55gBG7XIFWPuYYDMT1tA%2BSxORJOA5RTWyoSxNO%2Ff55Um9qpIeRkT84IxMd8hR3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31536000
cf-ray
78548de6c9609bb0-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7EB5 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 12:46:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7EB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulIKD5xQBJ2jE9BJVtRVwSIIYRaPHcmTrBtEI-GvfzA0DY1YPcReOjqhVbbkNVcznfRJ50-KTvvw7EYhFlaz1XsNDEdzNtUTvYjME5wlf6---P29679hG77xCIigN5QVJXukKtmTct9xVcIP3cgUA2UyoX_CIlvDgdppCGP_DZ3VI-QPieitOTAJGEr_0W8WvOXz7uJvJg-GZwe7zehG4IqHNT3xcFzgE2GdXMvgvHxpKT6IkUhpAUUjYJx3y10sFTE8kwk2rllhq0-TrXpHHMLPORGa_617MEFIj3hWLDdusXOtOlu--GEjAHz8JwqCgGhZNQ-VKfVjr1eVjgyItLwIyL30x4zAOj6tCjg6f_TKc5eHf4H5MzPT4&sai=AMfl-YSIzT7x6e4S1LPX4111rnwKaUqvrNnSWvZdds9A_XbAP_DfxeUOL4MnrtcbO1R8UXxJOQitLbgEEUsBWgiT1tQrl9mtFgmiARd6H5WodElT-QVF64w8a-6kwWEc3ni11A&sig=Cg0ArKJSzIBUKss864_BEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame F3F2 		261 B
122 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIY-MaJDDAB&v=APEucNUU_V7daTvAE4L-ybvF8pEz2nXU8UquLvZ36wSZm5OlE_JhRpCVrDa_gUlW0FEKXjx2i8EVb5myZllbrG9bgTXH2lW8JZwVdXR3WmBNzi8qrFjXgrsMUuHJeGdSRsFy3FrQ4a_5fgPZ-KZw4W8Aw6MFWAhjI7Gxp_WwyE0WKcdWT_btgyc
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 12:46:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 0FBF 		99 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfKMng5gnN7gr1-iWPqhV6L2A9S2inciOnkFYYxrOJXwYqY8w9qzyHxLEkMCfB5NUlu-gePOrtt0_j9RFowf_dEbpfGEVEP62a9Zv6rG42hNnebYt-SLLUA4cnpKaQDy_PCHBdOg6tTVCAOAt_neVSpwRhVXcgEf2b6YuRTMdVwrpjvzQ&dbm_d=AKAmf-ALfsh8x9NbJl4jhlnL4W_crZUMUDGPR66ekD6F6Xjw5dnlWVlvLKHeOpXyuNNvuMyFRD-tnAynm7t2wsMLerKBDppsIWU6o21cYJxclsT0siV3H8Jg1sKORpdD2miG7vTuBdpiKgiGmKFFfJ_M4ka8jbDtC7DbZM6NfebTLDaHC_mEcRot4kNYsrsVVFXhAQ0OQl3M5r1cnHgUO-si3mHqhNLvukg_o1hILkI0NJKc90ILVDSURCyrDEwS3c56eucNviiblsIpYQhitlcP9ydLKfbOFzD2drNdH4RE1bYryXwa7XIn-PJQCS-9pQdnqnzjATo--2h-5pRBQU79vb1jRPp34i6FIz6-E6HKyXDeD30E59XmqwacnM7GEcr0lhaBeC0fPMQpwJzu2hjE_BMvXUQv31knS1Z-70nCMw_fNQRkTBwBhGXJsvJLlBz4Yx9C-Y3nt324yGOUdpwOg0q35GxV4Kvc3fINFYCaaved__VvXa57tberhf5LCG6ujbc7T6GnRHDybAWVx_OapDkM6Phh6a2wIuSqW1Q_qTC3uoGDicYRxb9J6PF2id2FNJ43F0ZZC8dEFss0ieyvyW_OlaE9AGU8KGDkuFeJHTp4U_4GnvO1CQgCKvD3dFUz5uElzqlTfb3L6wXJoUNWp2NI-WI1CuId_gfDghHY5-PZe1UCLdL9lIaZ47kLlJo2CCaPTXouRuNXzVl3Znfln81YpaUdhoBUmhAk0w2E5K8neUHLkma1X4c3OaxQqtg28RjG-Rg8I_aE_bw_yJugsE73JOgtwmmqaCouQzz28LTMrHLyIGdM_6BW4dkfwofmqJ6ZUNK9xUN2UeJ3ap-hnHeAgtfLAV7-G8ROd6afygFMW1QPdnhAY0a6dMibmEBQkRi-KacGLW_px0qGQ0TksQuXnwampECuLbJVXBJ_SDgG2a9fgXpN4CWkfFku3UJpTwifQxAZVrn73v6ht32NidPunWrKFl1_sJtiNI3GmRW5TvyqYwz1aFg4FZoOn59mtglReTr6AmrGqKWZJzLcQ5W4U_1Y3AGDHN-i-xyx65SVEFHEzz3JLKxLwtBY_ZHbr2Z5VreW04Mbusu6lHXLhrdjjzhj_xAAs-xCvxjrO_np6ZGzR1RwPCo8XpLzFoa-7f6GH74tEJhYNar8FPeNFQ4u0H5987nblx7Eb4I23huFIyIFyn4t0-zpZ2-v3lRjIFgJTn7LMyB3ZI0gkYsuBSrM7qnOaOJbRK20FLITkOdTLOyHT1Z6lQN5utU431DkxTmrlYuUUarzOwtK1_ZhsiSnd4CCBTwlgbEQveIKmg7DSapOjvLLJFVl7sfFEDW16EF9jGg1m5vMgCPTB8wstzJN3IEcAp9mQadhGZChCCF-FSAEfU7w5PqLCYljt-XkMEn_tFLpOKnFgIutN-qAv0hJWiDf3sWeSETDeupFlhqNXhsndetp-iXJmOnW75VSwBAxpdP1dPSBkPCcDPF-nKGABjKQ8zqq3a_U3GdoqiMA6gY_3pxjGQfotocb2p4jiymRVdVkbESzmWjkhf0zttdZEkURjywjR3fFupEyTbv2m-yrBPF1eIGMB5zZ-EhjStTAeMd8d45ANv_4Q2cqcIcgy83qQVUcA8i9SLqYsZSwvwELFR0khcNEhPnu0HRXuXZJfYCQH08xY72rl5gDjmL-c5tADYC94ugNChV7z9ZnJoLWM-Vx-m6ZN0vl-oUdTN6e2cUCwHJyDI4yKlD4OjsYeFvGMffxdQ6CXMbEI1utQpq2iMBLygRtem0uanA_vFznEZAEQ-sQ8PbpMBKCqphBYouNGg9at-RgYurPwru7_Bm_tc2lKPfrxFzBsWkfAGERL041DlFfHnR8NWTgD4I2Py6wxftXqwpYZOODwVb9SoQJPNwgF3Sv94o89CWcr3Gjrr_uhyUy7jwZAQOd_6fDBw8UOabcQX_8WT8QQ6ignNYzISp-Cxj7XSXMf6gKl1uCLCaz-17ujckKDpURovNqoXNJLfY1LRqiPYIXisUqqsOzrrcsnoIhWzxbZbLReuNimKyggPUGuyjWCOYXwMeNFg3czKmsmYeu0GmNH5G3bJiZIi_L__xDlKxeG-t8_-MF_EcJvKX7ibEtOTmUCNZTUDMEjeMWiBFo-atQu8yZS-BsYzrtwIpHRWGnESBnpkN_Mc5Io3lLBQSQJYs_wxXnKbpTR3scZzN-L7XceCe2vqexHeqbxyYGIbwOquLGPwkIFQseY4Kj0Gqz6N5ZJkkZggwMSJxzOruIWezq-ptr5YPpyj1UB9crAoMccIF-MLzLamYRTSS3FJNkUtzcF_Q5lVlBEgxQQwqDQ9FDEdczd_B7r_WduSqu_c0I1wVxVhGqJdcn2yeo8Zn0QmqCa4jWbxbSuCDG1uzDsWhl8deOsISDp26Ijt2YpBWgnQ1bexvdpJvpsg4RU1z2cpB5CWOovGXhstaSwZRwu0Wau1ag7MtoOl6Yzs0D-SzrdNJNF5Ofkwp34ejNhBgjOJAvf6TH41PUyT_cSo6g1om0rJD-2O7OR-hSDVof1rbO6dpzdjxn6Tugv4UhjnE683RoVjiEUiss_7VQoadV3A6i-wawSQhFptKjfA1J82TH0PC_-6bM42q5f5oYylEcnRO8oP_LJkVkKZ9CUFoQ-bkZeb9riSQi-yd5zBR0ahWec34XliXORhF1oTeAhnaFI0vMPADk-vJsjBe6InbKSSYeUMaJHbVE_zJKXtzRnZxlQyBsZtCiaHcOS1JR283x2MsXmq2LNaobxpQ1aPUvGOBhNPSgtr5LfJCloWUmJfu2cR-UYLjo86z4X1Y--LCsazacvF9a4eKqUG1QAFafT_ORZ0-nxCZjzxl3kuIgEKNo2ZNmUi69BW8bfO-Rl7NhPPKQ9DoIblHB_6_FfO1pi4bG0S43ox5jh6fCQIhVSyeABp6yEHe8s5S15ldCk7-4pl0X3DlS2RkWfxd29Vx7iB1XzKfK3WRpxGju5XMCQdfA2z8G4Irz1rJIfIpKLcshYilv3pVCRvKecEKSrpbHJE5BCC6trp_5WEeOjbMI5ltqVHIEoSkIe9cvHQqxbFQ_SVHN7WAEZKlRriVan1wjBoxWKJZAQ6MWWiWOAkhjSoiQw0v7q4BixOS5BJ4cXP1vC_GXbAaLbmGSvWYYLBJ43Cee7bG2BhbqEeliuRUbU-HoF2-nT9hyldJ2fQmcErfJCHx-YztBFmEYzLKL0GIV7e0hJvakXbcY91lYWA24xVkxqG6TjH064jiEXcwpLvuhk4s0g5YWPtFSNTwS5PU2htv9vFno_HfZFXJpDB3GDOwgWreW64IUpvbryFF46IpChl-tzQ7ZHF12qAgnEY8HNC0nVAvsWitPRyw&pr=8:585A890D41A48F2B&cid=CAQSKQDq26N9_qjwslt3RwNKLXWXb3QR3Cw83b3Zzm8Rabo89E2oAzu33lBNGAEgCg&rfl=2%2Chttps%253A%252F%252Fdiariodonordeste.verdesmares.com.br%252F%240
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2059e4fcd9e09182dfb482c6c8985d9b26939c63986290dd136bf85b9117761d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36924
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0FBF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bik7eBZWOQkzwplJJ6boUFLBuGai29ZJkr_Y1Wjm_FSeE2RJgn_70ViWkZGPcRl6VPvHnr8ICCPcxqRpQCCwxqHmJeG0NRFRFnXjjwFVzjSwicEPk
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:46:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064
beacon-fra2.rubiconproject.com/beacon/d/ Frame 0FBF 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064?oo=0&accountId=15410&siteId=278982&zoneId=1419332&sizeId=55&e=6A1E40E384DA563BAE941DE27D7874C5B89371E5AA4C67760301AC798FC74CE62C4AC4EC91C219CA86D4158976445795172DB22D3B21A9B55152ACAA3FA1DEEC53EFAF88F6E90A1117074BFA6D54CC3BE308784B6D9554354E430C49E1CCF3C6DA81417FE503E316E6D75B036D9CFC0A846499D80527B0365471F30A2AEFCF30F8173AA165278123D01479FCD88BC31368E818F6A8410DC8F2A1A5D9F00F228ECC14A84B883374965A834B59F1BFE60161A3A1FCDDCEF09ACDA10306204D320B
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::154 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 12:46:03 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
analytics.js
s.update.rubiconproject.com/2/873648/ Frame 0FBF 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.rubiconproject.com/2/873648/analytics.js?ti=9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064&si=278982&di=diariodonordeste.verdesmares.com.br&ap=&ui=LCKIFU4W-18-1BJH&pp=15410&pv=62461e6f-1c54-4a75-84c3-2abd138f1a0b&gt=de&c1=1419332&c2=2&sr=magnite.com&dt=8736481481318196516000
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0324285c6b1f4553be30ae185ec958ae99309f1a7a3865a8edf6ffbb6df10e1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 12:46:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2863
Expires
0
truncated
/ Frame 7EB5 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d7050d1a83f4486e16b8be414a47d260be19b5ad39ff4e042fbe180cb25e4ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
ingest.php
events.newsroom.bi/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=391
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.112.233 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy04.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://diariodonordeste.verdesmares.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 06 Jan 2023 12:46:03 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://diariodonordeste.verdesmares.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
m
ad.yieldlab.net/ Frame F3F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEB3skE4kFhquBsLX4OCeQpc&google_cver=1
0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEB3skE4kFhquBsLX4OCeQpc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIY-MaJDDAB&v=APEucNUU_V7daTvAE4L-ybvF8pEz2nXU8UquLvZ36wSZm5OlE_JhRpCVrDa_gUlW0FEKXjx2i8EVb5myZllbrG9bgTXH2lW8JZwVdXR3WmBNzi8qrFjXgrsMUuHJeGdSRsFy3FrQ4a_5fgPZ-KZw4W8Aw6MFWAhjI7Gxp_WwyE0WKcdWT_btgyc
Protocol
HTTP/1.1
Server
96.16.132.239 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Jan 2023 12:46:03 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Thu, 05 Jan 2023 12:46:03 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:46:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEB3skE4kFhquBsLX4OCeQpc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame F3F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHu4V3zNjDkBE1UJPzlyjeU&google_cver=1&adform_v=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHu4V3zNjDkBE1UJPzlyjeU&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIY-MaJDDAB&v=APEucNUU_V7daTvAE4L-ybvF8pEz2nXU8UquLvZ36wSZm5OlE_JhRpCVrDa_gUlW0FEKXjx2i8EVb5myZllbrG9bgTXH2lW8JZwVdXR3WmBNzi8qrFjXgrsMUuHJeGdSRsFy3FrQ4a_5fgPZ-KZw4W8Aw6MFWAhjI7Gxp_WwyE0WKcdWT_btgyc
Protocol
H2
Server
37.157.4.23 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:03 GMT
last-modified
Wed, 11 Oct 2017 13:40:08 GMT
server
nginx
accept-ranges
bytes
etag
"59de1f38-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:46:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHu4V3zNjDkBE1UJPzlyjeU&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0FBF 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
Origin
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 13:02:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 06 Jan 2023 13:02:25 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/elements/html/ Frame 0FBF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfKMng5gnN7gr1-iWPqhV6L2A9S2inciOnkFYYxrOJXwYqY8w9qzyHxLEkMCfB5NUlu-gePOrtt0_j9RFowf_dEbpfGEVEP62a9Zv6rG42hNnebYt-SLLUA4cnpKaQDy_PCHBdOg6tTVCAOAt_neVSpwRhVXcgEf2b6YuRTMdVwrpjvzQ&dbm_d=AKAmf-ALfsh8x9NbJl4jhlnL4W_crZUMUDGPR66ekD6F6Xjw5dnlWVlvLKHeOpXyuNNvuMyFRD-tnAynm7t2wsMLerKBDppsIWU6o21cYJxclsT0siV3H8Jg1sKORpdD2miG7vTuBdpiKgiGmKFFfJ_M4ka8jbDtC7DbZM6NfebTLDaHC_mEcRot4kNYsrsVVFXhAQ0OQl3M5r1cnHgUO-si3mHqhNLvukg_o1hILkI0NJKc90ILVDSURCyrDEwS3c56eucNviiblsIpYQhitlcP9ydLKfbOFzD2drNdH4RE1bYryXwa7XIn-PJQCS-9pQdnqnzjATo--2h-5pRBQU79vb1jRPp34i6FIz6-E6HKyXDeD30E59XmqwacnM7GEcr0lhaBeC0fPMQpwJzu2hjE_BMvXUQv31knS1Z-70nCMw_fNQRkTBwBhGXJsvJLlBz4Yx9C-Y3nt324yGOUdpwOg0q35GxV4Kvc3fINFYCaaved__VvXa57tberhf5LCG6ujbc7T6GnRHDybAWVx_OapDkM6Phh6a2wIuSqW1Q_qTC3uoGDicYRxb9J6PF2id2FNJ43F0ZZC8dEFss0ieyvyW_OlaE9AGU8KGDkuFeJHTp4U_4GnvO1CQgCKvD3dFUz5uElzqlTfb3L6wXJoUNWp2NI-WI1CuId_gfDghHY5-PZe1UCLdL9lIaZ47kLlJo2CCaPTXouRuNXzVl3Znfln81YpaUdhoBUmhAk0w2E5K8neUHLkma1X4c3OaxQqtg28RjG-Rg8I_aE_bw_yJugsE73JOgtwmmqaCouQzz28LTMrHLyIGdM_6BW4dkfwofmqJ6ZUNK9xUN2UeJ3ap-hnHeAgtfLAV7-G8ROd6afygFMW1QPdnhAY0a6dMibmEBQkRi-KacGLW_px0qGQ0TksQuXnwampECuLbJVXBJ_SDgG2a9fgXpN4CWkfFku3UJpTwifQxAZVrn73v6ht32NidPunWrKFl1_sJtiNI3GmRW5TvyqYwz1aFg4FZoOn59mtglReTr6AmrGqKWZJzLcQ5W4U_1Y3AGDHN-i-xyx65SVEFHEzz3JLKxLwtBY_ZHbr2Z5VreW04Mbusu6lHXLhrdjjzhj_xAAs-xCvxjrO_np6ZGzR1RwPCo8XpLzFoa-7f6GH74tEJhYNar8FPeNFQ4u0H5987nblx7Eb4I23huFIyIFyn4t0-zpZ2-v3lRjIFgJTn7LMyB3ZI0gkYsuBSrM7qnOaOJbRK20FLITkOdTLOyHT1Z6lQN5utU431DkxTmrlYuUUarzOwtK1_ZhsiSnd4CCBTwlgbEQveIKmg7DSapOjvLLJFVl7sfFEDW16EF9jGg1m5vMgCPTB8wstzJN3IEcAp9mQadhGZChCCF-FSAEfU7w5PqLCYljt-XkMEn_tFLpOKnFgIutN-qAv0hJWiDf3sWeSETDeupFlhqNXhsndetp-iXJmOnW75VSwBAxpdP1dPSBkPCcDPF-nKGABjKQ8zqq3a_U3GdoqiMA6gY_3pxjGQfotocb2p4jiymRVdVkbESzmWjkhf0zttdZEkURjywjR3fFupEyTbv2m-yrBPF1eIGMB5zZ-EhjStTAeMd8d45ANv_4Q2cqcIcgy83qQVUcA8i9SLqYsZSwvwELFR0khcNEhPnu0HRXuXZJfYCQH08xY72rl5gDjmL-c5tADYC94ugNChV7z9ZnJoLWM-Vx-m6ZN0vl-oUdTN6e2cUCwHJyDI4yKlD4OjsYeFvGMffxdQ6CXMbEI1utQpq2iMBLygRtem0uanA_vFznEZAEQ-sQ8PbpMBKCqphBYouNGg9at-RgYurPwru7_Bm_tc2lKPfrxFzBsWkfAGERL041DlFfHnR8NWTgD4I2Py6wxftXqwpYZOODwVb9SoQJPNwgF3Sv94o89CWcr3Gjrr_uhyUy7jwZAQOd_6fDBw8UOabcQX_8WT8QQ6ignNYzISp-Cxj7XSXMf6gKl1uCLCaz-17ujckKDpURovNqoXNJLfY1LRqiPYIXisUqqsOzrrcsnoIhWzxbZbLReuNimKyggPUGuyjWCOYXwMeNFg3czKmsmYeu0GmNH5G3bJiZIi_L__xDlKxeG-t8_-MF_EcJvKX7ibEtOTmUCNZTUDMEjeMWiBFo-atQu8yZS-BsYzrtwIpHRWGnESBnpkN_Mc5Io3lLBQSQJYs_wxXnKbpTR3scZzN-L7XceCe2vqexHeqbxyYGIbwOquLGPwkIFQseY4Kj0Gqz6N5ZJkkZggwMSJxzOruIWezq-ptr5YPpyj1UB9crAoMccIF-MLzLamYRTSS3FJNkUtzcF_Q5lVlBEgxQQwqDQ9FDEdczd_B7r_WduSqu_c0I1wVxVhGqJdcn2yeo8Zn0QmqCa4jWbxbSuCDG1uzDsWhl8deOsISDp26Ijt2YpBWgnQ1bexvdpJvpsg4RU1z2cpB5CWOovGXhstaSwZRwu0Wau1ag7MtoOl6Yzs0D-SzrdNJNF5Ofkwp34ejNhBgjOJAvf6TH41PUyT_cSo6g1om0rJD-2O7OR-hSDVof1rbO6dpzdjxn6Tugv4UhjnE683RoVjiEUiss_7VQoadV3A6i-wawSQhFptKjfA1J82TH0PC_-6bM42q5f5oYylEcnRO8oP_LJkVkKZ9CUFoQ-bkZeb9riSQi-yd5zBR0ahWec34XliXORhF1oTeAhnaFI0vMPADk-vJsjBe6InbKSSYeUMaJHbVE_zJKXtzRnZxlQyBsZtCiaHcOS1JR283x2MsXmq2LNaobxpQ1aPUvGOBhNPSgtr5LfJCloWUmJfu2cR-UYLjo86z4X1Y--LCsazacvF9a4eKqUG1QAFafT_ORZ0-nxCZjzxl3kuIgEKNo2ZNmUi69BW8bfO-Rl7NhPPKQ9DoIblHB_6_FfO1pi4bG0S43ox5jh6fCQIhVSyeABp6yEHe8s5S15ldCk7-4pl0X3DlS2RkWfxd29Vx7iB1XzKfK3WRpxGju5XMCQdfA2z8G4Irz1rJIfIpKLcshYilv3pVCRvKecEKSrpbHJE5BCC6trp_5WEeOjbMI5ltqVHIEoSkIe9cvHQqxbFQ_SVHN7WAEZKlRriVan1wjBoxWKJZAQ6MWWiWOAkhjSoiQw0v7q4BixOS5BJ4cXP1vC_GXbAaLbmGSvWYYLBJ43Cee7bG2BhbqEeliuRUbU-HoF2-nT9hyldJ2fQmcErfJCHx-YztBFmEYzLKL0GIV7e0hJvakXbcY91lYWA24xVkxqG6TjH064jiEXcwpLvuhk4s0g5YWPtFSNTwS5PU2htv9vFno_HfZFXJpDB3GDOwgWreW64IUpvbryFF46IpChl-tzQ7ZHF12qAgnEY8HNC0nVAvsWitPRyw&pr=8:585A890D41A48F2B&cid=CAQSKQDq26N9_qjwslt3RwNKLXWXb3QR3Cw83b3Zzm8Rabo89E2oAzu33lBNGAEgCg&rfl=2%2Chttps%253A%252F%252Fdiariodonordeste.verdesmares.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 01:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
40449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 01:31:54 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/ Frame 0FBF 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230104/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfKMng5gnN7gr1-iWPqhV6L2A9S2inciOnkFYYxrOJXwYqY8w9qzyHxLEkMCfB5NUlu-gePOrtt0_j9RFowf_dEbpfGEVEP62a9Zv6rG42hNnebYt-SLLUA4cnpKaQDy_PCHBdOg6tTVCAOAt_neVSpwRhVXcgEf2b6YuRTMdVwrpjvzQ&dbm_d=AKAmf-ALfsh8x9NbJl4jhlnL4W_crZUMUDGPR66ekD6F6Xjw5dnlWVlvLKHeOpXyuNNvuMyFRD-tnAynm7t2wsMLerKBDppsIWU6o21cYJxclsT0siV3H8Jg1sKORpdD2miG7vTuBdpiKgiGmKFFfJ_M4ka8jbDtC7DbZM6NfebTLDaHC_mEcRot4kNYsrsVVFXhAQ0OQl3M5r1cnHgUO-si3mHqhNLvukg_o1hILkI0NJKc90ILVDSURCyrDEwS3c56eucNviiblsIpYQhitlcP9ydLKfbOFzD2drNdH4RE1bYryXwa7XIn-PJQCS-9pQdnqnzjATo--2h-5pRBQU79vb1jRPp34i6FIz6-E6HKyXDeD30E59XmqwacnM7GEcr0lhaBeC0fPMQpwJzu2hjE_BMvXUQv31knS1Z-70nCMw_fNQRkTBwBhGXJsvJLlBz4Yx9C-Y3nt324yGOUdpwOg0q35GxV4Kvc3fINFYCaaved__VvXa57tberhf5LCG6ujbc7T6GnRHDybAWVx_OapDkM6Phh6a2wIuSqW1Q_qTC3uoGDicYRxb9J6PF2id2FNJ43F0ZZC8dEFss0ieyvyW_OlaE9AGU8KGDkuFeJHTp4U_4GnvO1CQgCKvD3dFUz5uElzqlTfb3L6wXJoUNWp2NI-WI1CuId_gfDghHY5-PZe1UCLdL9lIaZ47kLlJo2CCaPTXouRuNXzVl3Znfln81YpaUdhoBUmhAk0w2E5K8neUHLkma1X4c3OaxQqtg28RjG-Rg8I_aE_bw_yJugsE73JOgtwmmqaCouQzz28LTMrHLyIGdM_6BW4dkfwofmqJ6ZUNK9xUN2UeJ3ap-hnHeAgtfLAV7-G8ROd6afygFMW1QPdnhAY0a6dMibmEBQkRi-KacGLW_px0qGQ0TksQuXnwampECuLbJVXBJ_SDgG2a9fgXpN4CWkfFku3UJpTwifQxAZVrn73v6ht32NidPunWrKFl1_sJtiNI3GmRW5TvyqYwz1aFg4FZoOn59mtglReTr6AmrGqKWZJzLcQ5W4U_1Y3AGDHN-i-xyx65SVEFHEzz3JLKxLwtBY_ZHbr2Z5VreW04Mbusu6lHXLhrdjjzhj_xAAs-xCvxjrO_np6ZGzR1RwPCo8XpLzFoa-7f6GH74tEJhYNar8FPeNFQ4u0H5987nblx7Eb4I23huFIyIFyn4t0-zpZ2-v3lRjIFgJTn7LMyB3ZI0gkYsuBSrM7qnOaOJbRK20FLITkOdTLOyHT1Z6lQN5utU431DkxTmrlYuUUarzOwtK1_ZhsiSnd4CCBTwlgbEQveIKmg7DSapOjvLLJFVl7sfFEDW16EF9jGg1m5vMgCPTB8wstzJN3IEcAp9mQadhGZChCCF-FSAEfU7w5PqLCYljt-XkMEn_tFLpOKnFgIutN-qAv0hJWiDf3sWeSETDeupFlhqNXhsndetp-iXJmOnW75VSwBAxpdP1dPSBkPCcDPF-nKGABjKQ8zqq3a_U3GdoqiMA6gY_3pxjGQfotocb2p4jiymRVdVkbESzmWjkhf0zttdZEkURjywjR3fFupEyTbv2m-yrBPF1eIGMB5zZ-EhjStTAeMd8d45ANv_4Q2cqcIcgy83qQVUcA8i9SLqYsZSwvwELFR0khcNEhPnu0HRXuXZJfYCQH08xY72rl5gDjmL-c5tADYC94ugNChV7z9ZnJoLWM-Vx-m6ZN0vl-oUdTN6e2cUCwHJyDI4yKlD4OjsYeFvGMffxdQ6CXMbEI1utQpq2iMBLygRtem0uanA_vFznEZAEQ-sQ8PbpMBKCqphBYouNGg9at-RgYurPwru7_Bm_tc2lKPfrxFzBsWkfAGERL041DlFfHnR8NWTgD4I2Py6wxftXqwpYZOODwVb9SoQJPNwgF3Sv94o89CWcr3Gjrr_uhyUy7jwZAQOd_6fDBw8UOabcQX_8WT8QQ6ignNYzISp-Cxj7XSXMf6gKl1uCLCaz-17ujckKDpURovNqoXNJLfY1LRqiPYIXisUqqsOzrrcsnoIhWzxbZbLReuNimKyggPUGuyjWCOYXwMeNFg3czKmsmYeu0GmNH5G3bJiZIi_L__xDlKxeG-t8_-MF_EcJvKX7ibEtOTmUCNZTUDMEjeMWiBFo-atQu8yZS-BsYzrtwIpHRWGnESBnpkN_Mc5Io3lLBQSQJYs_wxXnKbpTR3scZzN-L7XceCe2vqexHeqbxyYGIbwOquLGPwkIFQseY4Kj0Gqz6N5ZJkkZggwMSJxzOruIWezq-ptr5YPpyj1UB9crAoMccIF-MLzLamYRTSS3FJNkUtzcF_Q5lVlBEgxQQwqDQ9FDEdczd_B7r_WduSqu_c0I1wVxVhGqJdcn2yeo8Zn0QmqCa4jWbxbSuCDG1uzDsWhl8deOsISDp26Ijt2YpBWgnQ1bexvdpJvpsg4RU1z2cpB5CWOovGXhstaSwZRwu0Wau1ag7MtoOl6Yzs0D-SzrdNJNF5Ofkwp34ejNhBgjOJAvf6TH41PUyT_cSo6g1om0rJD-2O7OR-hSDVof1rbO6dpzdjxn6Tugv4UhjnE683RoVjiEUiss_7VQoadV3A6i-wawSQhFptKjfA1J82TH0PC_-6bM42q5f5oYylEcnRO8oP_LJkVkKZ9CUFoQ-bkZeb9riSQi-yd5zBR0ahWec34XliXORhF1oTeAhnaFI0vMPADk-vJsjBe6InbKSSYeUMaJHbVE_zJKXtzRnZxlQyBsZtCiaHcOS1JR283x2MsXmq2LNaobxpQ1aPUvGOBhNPSgtr5LfJCloWUmJfu2cR-UYLjo86z4X1Y--LCsazacvF9a4eKqUG1QAFafT_ORZ0-nxCZjzxl3kuIgEKNo2ZNmUi69BW8bfO-Rl7NhPPKQ9DoIblHB_6_FfO1pi4bG0S43ox5jh6fCQIhVSyeABp6yEHe8s5S15ldCk7-4pl0X3DlS2RkWfxd29Vx7iB1XzKfK3WRpxGju5XMCQdfA2z8G4Irz1rJIfIpKLcshYilv3pVCRvKecEKSrpbHJE5BCC6trp_5WEeOjbMI5ltqVHIEoSkIe9cvHQqxbFQ_SVHN7WAEZKlRriVan1wjBoxWKJZAQ6MWWiWOAkhjSoiQw0v7q4BixOS5BJ4cXP1vC_GXbAaLbmGSvWYYLBJ43Cee7bG2BhbqEeliuRUbU-HoF2-nT9hyldJ2fQmcErfJCHx-YztBFmEYzLKL0GIV7e0hJvakXbcY91lYWA24xVkxqG6TjH064jiEXcwpLvuhk4s0g5YWPtFSNTwS5PU2htv9vFno_HfZFXJpDB3GDOwgWreW64IUpvbryFF46IpChl-tzQ7ZHF12qAgnEY8HNC0nVAvsWitPRyw&pr=8:585A890D41A48F2B&cid=CAQSKQDq26N9_qjwslt3RwNKLXWXb3QR3Cw83b3Zzm8Rabo89E2oAzu33lBNGAEgCg&rfl=2%2Chttps%253A%252F%252Fdiariodonordeste.verdesmares.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
6dc0e3aead945b6160bc87da5f4d8fbb043dde5d0bece2aa426fa01895c9e358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 01:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
40449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10849
x-xss-protection
0
server
cafe
etag
7485935580621256062
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 01:31:54 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0FBF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 08:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
532154
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Dec 2023 08:56:49 GMT
usync.html
eus.rubiconproject.com/ Frame 6461 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 06 Jan 2023 12:46:03 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1742 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
530415
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 31 Dec 2022 09:25:48 GMT
expires
Sun, 31 Dec 2023 09:25:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 6461 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f3f47120adc3630d0df29449d4cf2fd3bde9022d98c882f8cc342902039c0cdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 12:46:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Jan 2023 19:11:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23128
Connection
keep-alive
Content-Length
10066
Expires
Fri, 06 Jan 2023 19:11:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0FBF 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48907
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1672933789069018"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 12:46:03 GMT
creative.html
s0.2mdn.net/sadbundle/9456713477415501824/970x90/ Frame 539C 		1 KB
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4317cf568ce364f433b3d3654bd15634c4e32ab44c4691b3ae41bbde15ae2b7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
445
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Jan 2023 12:46:03 GMT
expires
Sat, 06 Jan 2024 12:46:03 GMT
last-modified
Wed, 30 Nov 2022 00:30:08 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0FBF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9dHUfSFYrl_hB8kMIiEWvZkLvaj_lv-a4Ulqpz2R1Qtl-XuMVwWMbeqr7rDuxPgVDBdajFsP0ZhhA00JcEwoIBE_4TH091O_BIvibI-dX1O34LF-IKKvvuKeGtPbZhCUDFY41_TIiFj0aKWbkxsUBmxWqSGMC8P5Q1qm4lktnDUQNqerd18fOJXT7QSpEiagNEIzJjwWvbDWNo-1M9T7cw2G2P7PJUb07MwdAFkE5ZnvZL9BuA-AiDBURxjjW5FjgnfscrzfgqrAKhJCjZWXRrejZabwNtn7sXmPh_SUZ2S5ZkY6oeEeRKfGIW5O3mdZePWb0UO0TfkK4g749Ovof5GB8rP1ZR8Kh_IwRgIhcMOF4ij48sNOBwlxabnjda0BKjpYP80ThVkdb8GyKLuFAJWUYUOKOmDzVG7Q3rve_UOhsMqRmGBkwZmjhtCM-cDmo3ZccJulKGoXl7zXTGxbjKjaqJlmnoip96W1JHjhQ4pQf6Dr6wdVb63WJbuBad22kF7KJuraUc97KlK6z3w4aqqV1N0qRGvpthfjoJTEd1JHzQbJz8dBsc6nrxpLi-BE4qscS1oCdFibXAs_SDDg97mkhBovjrZXAsuWTndtZPfns65PtC1aNMEKd0Kcm1PU5t3m7CZZ_Jcf1gpwFCn7DOQCmFB3cHdO9thGsLT79ocuADFqz2BiWR36TIkPd3lF9iwBDTPdk8Qkj7u9DzGDyGzVf4s4PPltPUn_vcZ0FtAg8EzhEfwqI0c_xI1xPHya10XrSSvDUv034OfS14EWHeTlmrE9VqOke8mkfkgBruj3wEJwgpYbjmdfrFbon7z6AFpnUtNCOSMfOZvWrVeAAM1l6g3gomHGTii2Y_mRVBo7eKc90hMlHBf9e1Si_lumYIX0Ko3pZWg-ObRUr2sYzQaY9nHOlzdl-R8rIiwQUY8leMbqPPZ4JmN97W5OqG0XWKqHJQjt1XDKziNWkwn9Lsb1gIzk7nTL3JdvTzB2osrKig3ZTrJ3yuxDxdxvBH9ZFx9w7RwCiUAItBeoRUulMugjPufDR7y99INILTsKrFYuFrJqA3UgLx0ZR51hkIq4T2AP5qaaj0vz-frY_mjExbXAZph2b4LtXgMXFTnp87NbgWyPeuY6NM7ZfLf3VRERYT0ERIlaHFpQMpUV3WRGd8V5H1ac0BImViQ_12HDgi_z537s2TLD8YT_2et9mvMmMruER5b7vF9FmUyDJfseZVp2W7w7xvjho2APXjt7HN68gaAlUm8qW1lJkM_kRGYDMo9h7ehUFgfs01hjl2RL1KWW2gcuV6QxukniKOjAa-wdpQoHjjXXE8XU&sai=AMfl-YRyTLA3I5-P-3OEiAdsG0O_cJcjTWTo9wLLtQEHo5Hlig7egGxcibqgqwRSImWib2_VpxwSe_IBeHuCcM00SXSLNd8V0eGGxLWuroPP-DxKdeQTAbECth9RJn_N_hqW3WLQiw1SWwl8uG-nNPzsUEBTzDn-Qsul0tvH_AK4Gaz5s3-g2XF9QIR1E7m-ZCoDX_dJ3006MGySECDytLE&sig=Cg0ArKJSzPHa2lyiqOf3EAE&uach_m=[UACH]&pr=8:585A890D41A48F2B&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=93&cbvp=1&cstd=88&cisv=r20230104.57444&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 06 Jan 2023 12:46:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 06 Jan 2023 12:46:03 GMT
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 1742 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 23:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 23:05:30 GMT
initial.css
s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/css/ Frame 539C 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/css/initial.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1350a0e4f8b6c22b6e7938ad9d13a7ec5cb3091823c0fcea09e757ef1695645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1028
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 00:30:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 12:45:58 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 539C 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 13:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85417
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 06 Jan 2023 13:02:26 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame 539C 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 11:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 11:27:35 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ Frame 539C 		233 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 07:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63865
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 07:47:59 GMT
initial.js
s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/js/ Frame 539C 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/js/initial.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
238fd7ab0dd5fa0280ec9d686e10970d2466e89133314acbd01bc3d98dda7bf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 07:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
537477
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3031
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 00:30:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 31 Dec 2023 07:28:06 GMT
logo.jpg
s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/images/ Frame 539C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/images/logo.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 07:12:39 GMT
x-content-type-options
nosniff
age
20004
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2754
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 00:30:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 07:12:39 GMT
spinner.gif
s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/images/ Frame 539C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/images/spinner.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 07:41:10 GMT
x-content-type-options
nosniff
age
536693
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6841
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 00:30:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 31 Dec 2023 07:41:10 GMT
postback
s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/ Frame 0FBF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/postback?oz_pl=1&ti=9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064&si=278982&ap=&ui=LCKIFU4W-18-1BJH&pp=15410&c1=1419332&ci=873648&di=diariodonordeste.verdesmares.com.br&pv=62461e6f-1c54-4a75-84c3-2abd138f1a0b&gt=de&c2=2&sr=magnite.com&dt=8736481481318196516000&_x=1
Requested by
Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?ti=9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064&si=278982&di=diariodonordeste.verdesmares.com.br&ap=&ui=LCKIFU4W-18-1BJH&pp=15410&pv=62461e6f-1c54-4a75-84c3-2abd138f1a0b&gt=de&c1=1419332&c2=2&sr=magnite.com&dt=8736481481318196516000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 06 Jan 2023 12:46:03 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.rubiconproject.com/2/2.87.1/ Frame 0FBF 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.rubiconproject.com/2/2.87.1/main.js
Requested by
Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?ti=9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064&si=278982&di=diariodonordeste.verdesmares.com.br&ap=&ui=LCKIFU4W-18-1BJH&pp=15410&pv=62461e6f-1c54-4a75-84c3-2abd138f1a0b&gt=de&c1=1419332&c2=2&sr=magnite.com&dt=8736481481318196516000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c80196cf0e91f54b3344d2552774499268d7ecb47d352097198da0401d6db93e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 06 Jan 2023 12:46:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
54838
Expires
Mon, 14 Sep 2054 09:36:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0FBF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9dHUfSFYrl_hB8kMIiEWvZkLvaj_lv-a4Ulqpz2R1Qtl-XuMVwWMbeqr7rDuxPgVDBdajFsP0ZhhA00JcEwoIBE_4TH091O_BIvibI-dX1O34LF-IKKvvuKeGtPbZhCUDFY41_TIiFj0aKWbkxsUBmxWqSGMC8P5Q1qm4lktnDUQNqerd18fOJXT7QSpEiagNEIzJjwWvbDWNo-1M9T7cw2G2P7PJUb07MwdAFkE5ZnvZL9BuA-AiDBURxjjW5FjgnfscrzfgqrAKhJCjZWXRrejZabwNtn7sXmPh_SUZ2S5ZkY6oeEeRKfGIW5O3mdZePWb0UO0TfkK4g749Ovof5GB8rP1ZR8Kh_IwRgIhcMOF4ij48sNOBwlxabnjda0BKjpYP80ThVkdb8GyKLuFAJWUYUOKOmDzVG7Q3rve_UOhsMqRmGBkwZmjhtCM-cDmo3ZccJulKGoXl7zXTGxbjKjaqJlmnoip96W1JHjhQ4pQf6Dr6wdVb63WJbuBad22kF7KJuraUc97KlK6z3w4aqqV1N0qRGvpthfjoJTEd1JHzQbJz8dBsc6nrxpLi-BE4qscS1oCdFibXAs_SDDg97mkhBovjrZXAsuWTndtZPfns65PtC1aNMEKd0Kcm1PU5t3m7CZZ_Jcf1gpwFCn7DOQCmFB3cHdO9thGsLT79ocuADFqz2BiWR36TIkPd3lF9iwBDTPdk8Qkj7u9DzGDyGzVf4s4PPltPUn_vcZ0FtAg8EzhEfwqI0c_xI1xPHya10XrSSvDUv034OfS14EWHeTlmrE9VqOke8mkfkgBruj3wEJwgpYbjmdfrFbon7z6AFpnUtNCOSMfOZvWrVeAAM1l6g3gomHGTii2Y_mRVBo7eKc90hMlHBf9e1Si_lumYIX0Ko3pZWg-ObRUr2sYzQaY9nHOlzdl-R8rIiwQUY8leMbqPPZ4JmN97W5OqG0XWKqHJQjt1XDKziNWkwn9Lsb1gIzk7nTL3JdvTzB2osrKig3ZTrJ3yuxDxdxvBH9ZFx9w7RwCiUAItBeoRUulMugjPufDR7y99INILTsKrFYuFrJqA3UgLx0ZR51hkIq4T2AP5qaaj0vz-frY_mjExbXAZph2b4LtXgMXFTnp87NbgWyPeuY6NM7ZfLf3VRERYT0ERIlaHFpQMpUV3WRGd8V5H1ac0BImViQ_12HDgi_z537s2TLD8YT_2et9mvMmMruER5b7vF9FmUyDJfseZVp2W7w7xvjho2APXjt7HN68gaAlUm8qW1lJkM_kRGYDMo9h7ehUFgfs01hjl2RL1KWW2gcuV6QxukniKOjAa-wdpQoHjjXXE8XU&sai=AMfl-YRyTLA3I5-P-3OEiAdsG0O_cJcjTWTo9wLLtQEHo5Hlig7egGxcibqgqwRSImWib2_VpxwSe_IBeHuCcM00SXSLNd8V0eGGxLWuroPP-DxKdeQTAbECth9RJn_N_hqW3WLQiw1SWwl8uG-nNPzsUEBTzDn-Qsul0tvH_AK4Gaz5s3-g2XF9QIR1E7m-ZCoDX_dJ3006MGySECDytLE&sig=Cg0ArKJSzPHa2lyiqOf3EAE&uach_m=[UACH]&pr=8:585A890D41A48F2B&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=323&vt=11&dtpt=230&dett=3&cstd=88&cisv=r20230104.57444&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: diariodonordeste.verdesmares.com.br
URL: https://diariodonordeste.verdesmares.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 06 Jan 2023 12:46:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 539C 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1698d66dedcd2a3c29e9a57a06d1a525caf331e3a757ed8f4ce8464c14766e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5708
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1742 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuPEXCxi4Y4TEGoCE9u8PguWquAEAAAAAOAHgBAI&bg=!GBulG1_NAAYDMoyoIzI7ACkAdvg8WnWbtIFpOSxUA1xIf2ll4N2D5T8VWj4e_8sjJWEOi0JIo6EmlwIAAAByUgAAAANoAQeZA1lWjTbqRjAGHMJjHVePzd8qO7QzQMBXqVIHMLBxXn-46p_f-_NTsCnDodpfs_LsLR9pOf8xO8XcFAy57-NptkzUNrhosEDBfQXXH8_O1Cji6XA4W5ajLdR-D-p4lGcMLix3jJJ44JNZWy1G2djAIUiHBCDkPzECua1Zq3VAytbnNLKLcEjhCW9ekaX3cFkiSuCiXaXgFW-nOrPLXPnof_7h5EVm6G31RpiyvOsO7Tc86y8wEaYC_IdMn0R_iS8TRT7llcNgTKy_MzYT_PSDR67DFLjfXxffPTeEUL0tujO9XvmtnToSrfavmZuQ5kujCAXyJZSpfVvhpQh0OMpDF-VsytrjpgAWyVysOVDMIynKMDF-7DLTZNOZdbDmeACToEGQeC4rt_yskf_s7Zh1NzM4P4Q0cJ5XUwARxqSPwCFrr_lmaRnjLmYK4_c7HidyNZK8VCOqB7soIZb38dRjLUYH9-3Bij14uisW7rbOxkwt1DSm98G9Ptf06IkjkS4DxYpli33x2KmQadLinYBjbjNmkc_Cicb1wF06S87VUZOVFRHL_73cfg_Gh_M02TmLRrLkdSULP_uGUFFOUiRahAcnblmb9TlMUyOUm62yn68u5M6g1LyZoS_NO7tnK_be44SvVxtrkd8W_ycZHu9YiZP5Dd_28T0rX2zpKKPZDnG8ErISSUS4GLd-l8g-dQFibsTsj5ukFZ5QiROPbPJmm06PSsuNQzwOkIkYVovlpiSajEO--49eLAY-UfyYFDs7XW4bjkA3xDxkBfCXaT1ALRpkfI9GpEJDeQi1iF6gs5BZk6ZmDJv9WotaGe3ByP_38gGbhcu5r0eQhh4IpZjFWSHPBuzbQZe4NF5XQV2nmL0ImkYHFfgiAmv8Eebd0nCjisUX8AwHUkyN9fvExXpD15PxEdDxgr2thyRSi1KjDdtCLWkVjNR9aS_yTZGCNC6J8teewdUQFY-23GzmvH5Us7l3IGhCTevRIon0rY1dfH0KTn_RQcPeyoCfaK6V_wB9izJcG-SMoJNuE6r3e-biDW_Pu0-Li0Pbw8HW9_EcSu3shEEiUrhMGB6fOxyVgiYGM5jaf4sX3QIOFIrjCxl7xdsL5GcZHDGxDfREtIWbXXe0-ZIODcvwzbFvFQ
Requested by
Host: 576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
URL: https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:46:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/ Frame 0FBF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/postback?oz_pl=1&ti=9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064&si=278982&ap=&ui=LCKIFU4W-18-1BJH&pp=15410&c1=1419332&ci=873648&di=diariodonordeste.verdesmares.com.br&pv=62461e6f-1c54-4a75-84c3-2abd138f1a0b&gt=de&c2=2&sr=magnite.com&dt=8736481481318196516000&_x=1
Requested by
Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?ti=9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064&si=278982&di=diariodonordeste.verdesmares.com.br&ap=&ui=LCKIFU4W-18-1BJH&pp=15410&pv=62461e6f-1c54-4a75-84c3-2abd138f1a0b&gt=de&c1=1419332&c2=2&sr=magnite.com&dt=8736481481318196516000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 06 Jan 2023 12:46:03 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame 7EB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2H21rrPMjmomi-9gnBsCqbZhLHKk0MB6KFZQM5-_NOS20VGZwQvNq7AwSngsIe3PPWDmY3O1Yb4RKCLuwOiMEtrG1IqjNozC3patU_SXCuOejOEKUq1b-NfRiNM8kEaQGuz10Y5dj2-Ea9S7UluJ5rjZimJf9I6SjcucMP9IwrCxyc2UvrwnTz_fj8S4O27e2N_fPueujt2qp8h75oEIFA-HM_ftsnzZ-g_0Wzd2pt1DvLtJzuzMxSnJgv1pEHg2SUFweNjDksd01UkwNCN5aFk5LFRv7epKGxKo_uuMUPoWosyruyywy1FrTd0zr0fvjXfImMN5URw3LhZiUeKx09gImNCj3Y1OfU3kd6ZQjH4yT0nVPMW9Etw-Jjg&sai=AMfl-YRswW4NvLkTJEqRJsLflqKeYeMRW7TyTRkWQIoEu0xfFX_0kcjNLpg0nLiauLwr48T2BeeeTY_4DgwwBh8WM4DBhxgJCcWkaPldUmMxuWW6jr1M1NVWy618CSeLGUY83w&sig=Cg0ArKJSzAfH9TdRtTOlEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 06 Jan 2023 12:46:03 GMT
style.css
s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/css/ Frame 539C 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94ab2ec362af8a7306489ad3c356b5f3724b28cdf6fcd22c635d16e0dc89dbc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 20:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
489590
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2425
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 00:30:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 31 Dec 2023 20:46:13 GMT
jquery.textfit.min.js
s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/js/ Frame 539C 		1 KB
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/js/jquery.textfit.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 07:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20247
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
648
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 00:30:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 07:08:36 GMT
nhdynamic.js
s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/js/ Frame 539C 		36 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/js/nhdynamic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd67d3ef1a4202a1c67fe1c79bab8338c13d5df2bce075a40fedc3bdd930518b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 09:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10280
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5742
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 00:30:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 09:54:43 GMT
youtubeApi.js
s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/js/ Frame 539C 		1 KB
474 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/js/youtubeApi.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 20:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
577996
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
445
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 00:30:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Dec 2023 20:12:47 GMT
postback
s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/ Frame 0FBF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/postback?ti=9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064&si=278982&ap=&ui=LCKIFU4W-18-1BJH&pp=15410&c1=1419332&ci=873648&di=diariodonordeste.verdesmares.com.br&pv=62461e6f-1c54-4a75-84c3-2abd138f1a0b&gt=de&c2=2&sr=magnite.com&dt=8736481481318196516000&sid=Ab28OI8HEeZaSSGf&oz_sc=e180a6281c3673e3802f6287&oz_df=1673009163896&oz_l=323&cv=3
Requested by
Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 06 Jan 2023 12:46:03 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 539C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Jan 2023 12:46:03 GMT
63009_20221125241141058_background_970x90_1.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 539C 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20221125241141058_background_970x90_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3d95a0eef9f16b9fe8ae5513cc3d6e42c7e26b124779acc43296d953f2f2f3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 05:17:05 GMT
x-content-type-options
nosniff
age
26938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28007
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 08:11:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Jan 2023 05:17:05 GMT
63009_20221125241144189_background_970x90_2.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 539C 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20221125241144189_background_970x90_2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d7ae248d97d35e8cfc7398c3257d8524207e7e3ad0f8c4b10f8721f93fbda5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 19:03:49 GMT
x-content-type-options
nosniff
age
63734
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28007
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 08:11:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 06 Jan 2023 19:03:49 GMT
63009_20221125241147190_background_970x90_3.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 539C 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20221125241147190_background_970x90_3.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80496376a8e910404b0ab27df0029540609149b3e5c14cc63f6b1b55e5860a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 06:19:14 GMT
x-content-type-options
nosniff
age
23209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28007
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 08:11:47 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Jan 2023 06:19:14 GMT
GothamNarrow-Bold.woff
s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/fonts/ Frame 539C 		80 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/fonts/GothamNarrow-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 07:28:11 GMT
x-content-type-options
nosniff
age
537472
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81884
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 00:30:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 31 Dec 2023 07:28:11 GMT
flecha.png
s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/images/ Frame 539C 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/images/flecha.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3042250e6e9ece43bc139bb6a515d7e75012e511f655015d64798a84e8e1cf0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=lG0WU3JKPA&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 09:54:43 GMT
x-content-type-options
nosniff
age
10280
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1053
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 00:30:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jan 2024 09:54:43 GMT
iframe_api
www.youtube.com/ Frame 539C 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9456713477415501824/970x90/assets/js/youtubeApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
aa775b93bf75fb6c93c261cad367ba79069a1536e6139213af0b65cfccd43b51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:46:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 06 Jan 2023 12:46:04 GMT
sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
pagead2.googlesyndication.com/bg/ Frame 0000 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 23:05:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16096
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Jan 2024 23:05:30 GMT
21d680ce-34c0-48c6-b6e8-f52996d91c20
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/ Frame 6B4F 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/21d680ce-34c0-48c6-b6e8-f52996d91c20
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
www-widgetapi.js
www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/ Frame 539C 		184 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0149da2dcca03d3a4c8ab3e8796ec25b4700f46d2a1bec1c59cdb2f6daa7cf98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 12:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62997
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 22:39:54 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 06 Jan 2024 12:22:53 GMT
postback
s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/ Frame 0FBF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/postback?ti=9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064&si=278982&ap=&ui=LCKIFU4W-18-1BJH&pp=15410&c1=1419332&ci=873648&di=diariodonordeste.verdesmares.com.br&pv=62461e6f-1c54-4a75-84c3-2abd138f1a0b&gt=de&c2=2&sr=magnite.com&dt=8736481481318196516000&sid=Ab28OI8HEeZaSSGf&oz_sc=e180a6281c3673e3802f6287&oz_df=1673009164127&oz_l=4915&cv=3
Requested by
Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 06 Jan 2023 12:46:03 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/ Frame 0FBF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/postback?ti=9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064&si=278982&ap=&ui=LCKIFU4W-18-1BJH&pp=15410&c1=1419332&ci=873648&di=diariodonordeste.verdesmares.com.br&pv=62461e6f-1c54-4a75-84c3-2abd138f1a0b&gt=de&c2=2&sr=magnite.com&dt=8736481481318196516000&sid=Ab28OI8HEeZaSSGf&oz_sc=e180a6281c3673e3802f6287&oz_df=1673009164291&oz_l=4347&cv=3
Requested by
Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 06 Jan 2023 12:46:03 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
postback
s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/ Frame 0FBF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/postback?ti=9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064&si=278982&ap=&ui=LCKIFU4W-18-1BJH&pp=15410&c1=1419332&ci=873648&di=diariodonordeste.verdesmares.com.br&pv=62461e6f-1c54-4a75-84c3-2abd138f1a0b&gt=de&c2=2&sr=magnite.com&dt=8736481481318196516000&sid=Ab28OI8HEeZaSSGf&oz_sc=e180a6281c3673e3802f6287&oz_df=1673009164457&oz_l=553&cv=3
Requested by
Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 06 Jan 2023 12:46:03 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
8c52b18f-3740-4a17-8734-d55b362a40c7
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/ Frame 0FBF 		802 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/8c52b18f-3740-4a17-8734-d55b362a40c7
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10448ad99ad3f9dc0626df18f1bcf7c64e71f7d0aa66d070304d47fe350d242d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
802
postback
s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/ Frame 0FBF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/postback?ti=9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064&si=278982&ap=&ui=LCKIFU4W-18-1BJH&pp=15410&c1=1419332&ci=873648&di=diariodonordeste.verdesmares.com.br&pv=62461e6f-1c54-4a75-84c3-2abd138f1a0b&gt=de&c2=2&sr=magnite.com&dt=8736481481318196516000&sid=Ab28OI8HEeZaSSGf&oz_sc=e180a6281c3673e3802f6287&oz_df=1673009164634&oz_l=3419&cv=3
Requested by
Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 06 Jan 2023 12:46:03 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 0FBF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVeAJkKfrmlKVIvYYJRPF6q8hRMb4_4Oi7EQflBWbWAz4mROAUt0-7xiG0anT0sOvBGjOxuLf4rwOGmdWID57n4HQ8kBfPeOE&sig=Cg0ArKJSzIQv3xXEFvwJEAE&id=lidar2&mcvt=1000&p=0,0,90,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673009163355&rpt=324&met=mue&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:46:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/ Frame 0FBF 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.rubiconproject.com/2/2.87.1/873648/Ab28OI8HEeZaSSGf/postback?ti=9ed6c1d0-aa87-4c23-a9ac-dc7f9522f064&si=278982&ap=&ui=LCKIFU4W-18-1BJH&pp=15410&c1=1419332&ci=873648&di=diariodonordeste.verdesmares.com.br&pv=62461e6f-1c54-4a75-84c3-2abd138f1a0b&gt=de&c2=2&sr=magnite.com&dt=8736481481318196516000&sid=Ab28OI8HEeZaSSGf&oz_sc=e180a6281c3673e3802f6287&oz_df=1673009164792&oz_l=493&cv=3
Requested by
Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.130.15 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 06 Jan 2023 12:46:04 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame 7EB5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJv2uSV2Z5x3OiYcxrAr3Sop6993XYghU5htpWeJWUZdSn4YdE0Px5AvXDB_7KtViWGF5SGuAMIDgRF8rPktFwYIh0PLfdXVrFlaH_KaF71E_oASgy&sig=Cg0ArKJSzJLL7dwCIvcTEAE&id=lidar2&mcvt=1000&p=1095,315,1185,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=614391757&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1673009163229&rpt=672&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Jan 2023 12:46:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGSfvWaiBRK26iZRlcNytFPPWRA18svWdAjyaOuvprAGn8zhBZF66sLQbM0hkSQ7UVOFCEwr_DcyFmLRsZgsfQ9VNzWz5-TOAab7RlovbI3xdm0lcCNPJaHNi1-SjCKOdfw--JMQ&sai=AMfl-YSBQG6eKCkK-OEJvcMBJxV1iDR5k7VJw4hn4f-LnCwPc7yAJpx6su50c5Jbigl_VOmu-j5BLbEqh3b4b_XS_EvL-hmtxenI8GcBK-lJVDgRvq05UYiDLgxsDbeHq9w&sig=Cg0ArKJSzJQVv6R-fUknEAE&cid=CAQSPADq26N9oMwC_aReAO274NNn730h9rsQOlsfhMj68Euho7aQ1-n9JKFysRT_r9hGKwZce9EEdEFpavVB1RgBIBM&id=lidartos&mcvt=32115&p=1107,315,1197,1285&mtos=32115,32115,32115,32115,32115&tos=32115,0,0,0,0&v=20230105&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=614391757&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=b&rst=1673009130246&rpt=847&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&spb=0

Verdicts & Comments Add Verdict or Comment

342 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| oncontentvisibilityautostatechange function| getMapping01 function| getMapping02 function| googleInterstitial function| googleAdvertising object| googletag string| o object| a object| b function| Navegg object| naveggReady object| nvg82438 object| _taboola function| getCookieGTM function| ui object| dataLayer object| _newsroom object| _ilabsPushConfig object| IlabsPush object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager undefined| rangeMicro undefined| rangeMacro undefined| range undefined| view undefined| observerArticle undefined| articleGTM function| e function| t object| marfeel string| hidden string| visibilityChange undefined| momentHidden function| handleVisibilityChange string| GoogleAnalyticsObject function| ga number| limit object| listSection string| urlOrigin string| textOrigin function| pageViewUpdate object| observerSections number| count function| $ function| jQuery function| getFunctionFromString function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| regeneratorRuntime boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd object| _tb_vpx boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| COMSCORE function| udm_ object| ns_p function| ne function| Z function| C function| Me function| V function| pe function| Pe function| $e function| m function| Le function| ke function| Oe function| Ie function| Ae function| ze function| De function| Ne function| Ge function| Be function| Re function| Ve function| He function| je function| Fe function| _e function| We function| qe function| Xe function| Ye function| Ke function| Ue function| Je function| Qe function| Ze function| et function| tt function| it function| st function| nt function| rt function| at function| lt function| ot function| dt function| ct function| ft function| Q function| R function| ut function| pt function| H function| ht function| k function| j function| he function| mt function| me function| gt function| vt function| wt function| St function| bt function| xt function| yt function| Et function| Ct function| Mt function| Pt function| $t function| Lt function| kt function| Ot function| At function| zt function| Dt function| Nt function| Gt function| Rt function| ge function| Vt function| Ht function| Ft function| _t function| Wt function| qt function| Xt function| Yt function| Kt function| Jt function| Qt function| Zt function| ti function| ii function| ni function| ri function| ai function| li function| ae function| oi function| di function| ci function| fi function| hi function| mi function| vi function| wi function| Si function| xi function| Ti function| Ei function| Mi function| Pi function| $i function| P function| ce function| Li function| we function| Oi function| N function| zi function| Se function| Gi function| Bi function| Ri object| polopoly function| updateWidgets function| adsLeaderboardStickyState function| sticksObserverAds object| authElement string| canonical object| meteredCookie string| plan undefined| userIdGTM function| decode function| padIfNecessary function| getCookie function| setCookie string| planAuthUserForMarfell object| AMP object| gaplugins object| gaGlobal object| gaData number| newsroomStartsLoadingTime object| tbNewsroom function| onYouTubeIframeAPIReady undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| clarity object| ampScript string| link function| getPlan function| clicks function| getTotalClicks function| getAvailableClicks function| getAllowedClicks string| articleId object| meteredAccessValue string| queryString object| urlParams object| aid undefined| totalClicks undefined| availableClicks undefined| allowedClicks object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass object| _pmk function| TBWidgetFacebook function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| hh object| _pm_mcg object| image object| preloadImages object| PushnewsSubscription string| nam object| placementData object| CleverCore boolean| CleverCoreLoaded object| _ppads object| _pbjs object| _pbjsChunk object| ADAGIO object| Criteo object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| sas object| apntag object| _ADAGIO string| key object| ONFOCUS object| tbopt object| GoogleGcLKhOms object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_132 object| Criteo_prebid_132 object| google_image_requests object| nvg46575 object| teads_analytics function| nvgGetSegment function| ltgc

77 Cookies

Domain/Path Name / Value
.navdmp.com/ Name: ac3
Value: 1
.verdesmares.com.br/ Name: _gid
Value: GA1.3.467650393.1673009129
.verdesmares.com.br/ Name: _gat_UA-41498495-1
Value: 1
.verdesmares.com.br/ Name: _ga_3DESQCJNQ5
Value: GS1.1.1673009128.1.0.1673009128.0.0.0
.verdesmares.com.br/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1673009128%2C%22currentVisitStarted%22%3A1673009128%2C%22sessionId%22%3A%221fa71f95-050c-406e-a836-04c84ac7b3b3%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//diariodonordeste.verdesmares.com.br/%22%2C%22referrer%22%3A%22%22%7D
.verdesmares.com.br/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1673009128%2C%22userId%22%3A%223b7500ea-df80-409c-9ba7-bdb6651d7400%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1673009128%2C%22timesVisited%22%3A1%7D
.verdesmares.com.br/ Name: compass_uid
Value: 3b7500ea-df80-409c-9ba7-bdb6651d7400
diariodonordeste.verdesmares.com.br/ Name: _tb_sess_r
Value:
.verdesmares.com.br/ Name: nvg82438
Value: 1207f10f7f383e7f058120c90e10|0_7
events.newsroom.bi/ Name: 391_u
Value: 3b7500ea-df80-409c-9ba7-bdb6651d7400
events.newsroom.bi/ Name: 391_s
Value: 1fa71f95-050c-406e-a836-04c84ac7b3b3
events.newsroom.bi/ Name: 391_lv
Value: null
events.newsroom.bi/ Name: 391_ut
Value: 0
.mathtag.com/ Name: uuid
Value: f35863b8-17e8-4400-bd53-430fe51e69b6
www.clarity.ms/ Name: CLID
Value: 92d950e5cb914ed8aace6bbf23869f8b.20230106.20240106
.verdesmares.com.br/ Name: _clck
Value: 1jrzh2i|1|f81|0
.doubleclick.net/ Name: IDE
Value: AHWqTUkSc64OEGWbBtjgxigNG4zbGECqiXUDZJ_xNFkGmznlwNtOJqwpvgxSyfyklr8
diariodonordeste.verdesmares.com.br/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D5f3528e8-fb6f-4637-b0a6-a5128b38e5dc-tuctab19d68
diariodonordeste.verdesmares.com.br/ Name: clever-last-tracker-49109
Value: 1
.verdesmares.com.br/ Name: _clsk
Value: 1fq3dm0|1673009129394|1|0|e.clarity.ms/collect
diariodonordeste.verdesmares.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.verdesmares.com.br/ Name: _ga
Value: GA1.3.1897933078.1673009129
.verdesmares.com.br/ Name: _gat_gtag_UA_210532949_3
Value: 1
.rubiconproject.com/ Name: khaos
Value: LCKIFU4W-18-1BJH
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB03utNc4OVi07U1ZxogGjlwOA+xFj1I9scPlNhSTbzUQyoRH/3ab5wKn58f+t/6n1w4Z+C8zxJPBjCDWPsub1hkMbCAS1ybZdWfA8diPTB6jUMegDC1i1R7G7JtXJVTTK0=
.verdesmares.com.br/ Name: __gads
Value: ID=bf601a7e86c5b645:T=1673009128:S=ALNI_MZm5YoR79HCQBJOqbPKu8cGRIl4Og
.verdesmares.com.br/ Name: __gpi
Value: UID=00000b9e30be1ec8:T=1673009128:RT=1673009128:S=ALNI_MZ-ut7aKFxLWH-FoDXVt88zzLZt_Q
.bet365.de/ Name: Affiliates
Value: Code=365_01015691%2f162148597502&prd=Sports
members.bet365.de/ Name: session
Value: processform=0
.bet365.de/ Name: pstk
Value: A8C8A0E45B832DAAA75D7A9B57F48419000003
.bet365.de/ Name: __cf_bm
Value: ADJiv70NnkE4K0LwKGzj2cCE3MSphYgLa2VcYXWF76E-1673009130-0-AUNK2elcbimPb7NdvD7RDReLENHJEDFq2PfZobx+48GzN/jfP3fRare+tD/eKTSIKe7agoyLFMWLk8qlDSdqq+8=
diariodonordeste.verdesmares.com.br/ Name: nvggid
Value: null
.adnxs.com/ Name: uuid2
Value: 4158191924542238869
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?jwinqk!]tbPl1M>e)ZlrFUfJ+tGXxo7FnOiT[7EY+>mfD>^Er.!XqK-gaaVT*(-G2m3If)y3KL9D3I?+XN28Rr
.casalemedia.com/ Name: CMID
Value: Y7gX65.VOzvPIrUKNU0PegAA
.casalemedia.com/ Name: CMPS
Value: 3293
.casalemedia.com/ Name: CMPRO
Value: 3293
.casalemedia.com/ Name: CMTS
Value: 5202
.adform.net/ Name: C
Value: 1
.turn.com/ Name: uid
Value: 8734001898528327802
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%221C879AA6-9553-4E87-8020-83A1F7412783%22%7D
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-31e3928e-405e-45a6-a649-2fb9974c4e2c-003%22%7D
.bidswitch.net/ Name: tuuid
Value: a18ac6ae-7789-4f67-810c-b4f2049570cf
.bidswitch.net/ Name: c
Value: 1673009131
.bidswitch.net/ Name: tuuid_lu
Value: 1673009131
.adform.net/ Name: uid
Value: 1587379214818448793
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-31e3928e-405e-45a6-a649-2fb9974c4e2c-003%22%7D
.creative-serving.com/ Name: tuuid
Value: 1dc162b1-81d4-4eac-8b52-497c1111006a
.creative-serving.com/ Name: c
Value: 1673009131
.creative-serving.com/ Name: tuuid_lu
Value: 1673009131
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.c.bing.com/ Name: SRM_B
Value: 00428D9D6F3F674B33029F0C6EB46624
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 91FC9BFC-3F62-4064-8889-D24E99B256E9
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 00428D9D6F3F674B33029F0C6EB46624
.c.clarity.ms/ Name: ANONCHK
Value: 0
.criteo.com/ Name: uid
Value: 0096b70e-c21c-4ff4-a9a0-0c9f0f79beca
.navdmp.com/ Name: nid
Value: 1207f10f7f185f74c09f93bc3610|2|36
.verdesmares.com.br/ Name: nvg46575
Value: 1207f10f7fc5f4fd6f23e7f74b10|2_7
.sxp.smartclip.net/ Name: uuid
Value: accc09dc-ee17-b863-7187-8edb5b5fdab6
.sxp.smartclip.net/ Name: psyn
Value: 19363.75
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y7gX7gAJr0HIjwAp
.krxd.net/ Name: _kuid_
Value: PTW3CpC9
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.demdex.net/ Name: demdex
Value: 25220870053022464214558780979632426501
.smartadserver.com/ Name: pid
Value: 5090446706218376494
.dpm.demdex.net/ Name: dpm
Value: 25220870053022464214558780979632426501
.verdesmares.com.br/ Name: cto_bundle
Value: KEUbbF85NEozbTZkZVRoUmhyNVVSdXQ0dnFRUGJJU0V3aGVmdyUyRkFMOHNSM2hhZGREa1NzUVV6MCUyQkxmRTZKUU16cFFteVNQZmRUVzFCY3N2d1lkdTJFNXdJWm42VlhDMmF3ZnpVbk5GNCUyRnJ4eXVxdTJJekxPYmpZV3d2b2hrYVNkT0tmN2t5OCUyQjklMkIyRWtMclRFdlJJcHd2QjlWWER5bG9za1lGV2xGSENjUDR5b0NjJTNE
.verdesmares.com.br/ Name: cto_bidid
Value: 1LPDPl9KNVNmMFdsb2kzV2N2dVVzeUNZYzNsNnU4WVF6a241RTRBTDE4WEJIVTVEZHJzUGNMYnJyd3RLb3J1RSUyRkhXJTJGNEcxMWljM05tWFhEajlwR0FyYnZsa0cwR0hpSEFwUDNUN1ZZNzUwMXM5NUZhJTJGNmZNOWdCWDNJTk1EOFdkQ1BiOA
.yahoo.com/ Name: A3
Value: d=AQABBO8XuGMCEEexOlZ9vwKVIgJUYuviSHsFEgEBAQFpuWPBYwAAAAAA_eMAAA&S=AQAAAq9psN2aC5pwRx8F0cYANH0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&1da46018-4a6c-4f40-8dd1-396c13cb587b"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzMwMDkxMzU7MjswMjG8hPAmBzOwmayabnVbtZnuY5GioMYh0yn+XGX2Sa4n9w==
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2930:u=1:x=1:i=1673009135:t=1673095535:v=2:sig=AQFmpp_PH4tVrO1033Dda36oPb4IcfTE"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A9e7JIK6r0HKqv7VTbP8_io

41 Console Messages

Source Level URL
Text
security error URL: https://diariodonordeste.verdesmares.com.br/
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: about:blank
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: about:blank
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: about:blank
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: about:blank
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: about:blank
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: about:blank
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://cdn.pn.vg/push/ilabspush.min.js
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
network error URL: https://diariodonordeste.verdesmares.com.br/assets/fonts/ardina-text/ArdinaText-Bold.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://cdn.taboola.com/libtrc/userx.20230105-3-RELEASE.es6.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
network error URL: https://diariodonordeste.verdesmares.com.br/assets/fonts/ardina-text/ArdinaText-Bold.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://c2.taboola.com/nr/diariodonordeste-diariodonordeste/newsroom.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://c2.taboola.com/nr/diariodonordeste-diariodonordeste/newsroom.js(Line 2)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
network error URL: https://diariodonordeste.verdesmares.com.br/assets/fonts/ardina-text/ArdinaText-Bold.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 31)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js(Line 1)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130(Line 4)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130(Line 4)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130(Line 4)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
security error URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20221130(Line 4)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
network error URL: https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=77442649983?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://diariodonordeste.verdesmares.com.br/
Message:
Refused to execute script from 'https://sync.crwdcntrl.net/map/c=15478/tp=NVEG/tpid=77442649983?https%3A//sync.navdmp.com/sync%3Fprtid%3D38%26lotid%3D%24%7Bprofile_id%7D' because its MIME type ('image/gif') is not executable.
security error URL: https://diariodonordeste.verdesmares.com.br/
Message:
Refused to execute script from 'https://tags.bluekai.com/site/31435?id=77442649983&redir=https%3A//sync.navdmp.com/sync%3Fprtid%3D18%26blkid%3D%24_BK_UUID' because its MIME type ('image/gif') is not executable.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js(Line 9)
Message:
The source list for the Content Security Policy directive 'default-src' contains an invalid source: ''unsafe-dynamic''. It will be ignored.
worker error URL: blob:https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/21d680ce-34c0-48c6-b6e8-f52996d91c20
Message:
Mixed Content: The page at 'blob:https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/21d680ce-34c0-48c6-b6e8-f52996d91c20' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/21d680ce-34c0-48c6-b6e8-f52996d91c20
Message:
Mixed Content: The page at 'blob:https://576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com/21d680ce-34c0-48c6-b6e8-f52996d91c20' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors http://polopoly.verdesmares.com.br default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval' 'unsafe-dynamic'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN ALLOW-FROM http://polopoly.verdesmares.com.br

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

576f15b63de42d311369e18d0aaf3db7.safeframe.googlesyndication.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.sxp.smartclip.net
ad.turn.com
ad.yieldlab.net
ade.googlesyndication.com
ads.creative-serving.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
am-trc-events.taboola.com
at.teads.tv
beacon-fra2.rubiconproject.com
beacon.krxd.net
bidder.criteo.com
c.bing.com
c.clarity.ms
c1.adform.net
c2.taboola.com
c2shb.pubgw.yahoo.com
call.cleverwebserver.com
cdn.ampproject.org
cdn.navdmp.com
cdn.pn.vg
cdn.taboola.com
cds.taboola.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.jquery.com
cookies.pn.vg
d27rf63iunghx1.cloudfront.net
diariodonordeste.verdesmares.com.br
dpm.demdex.net
dsum-sec.casalemedia.com
e.clarity.ms
eb2.3lift.com
eus.rubiconproject.com
events.newsroom.bi
fastlane.rubiconproject.com
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
ib.adnxs.com
id.navegg.com
image6.pubmatic.com
images.taboola.com
lp.cleverwebserver.com
match.adsrvr.org
match.prod.bidr.io
members.bet365.de
mp.4dex.io
mug.criteo.com
nr-events.taboola.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.mathtag.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
px.ads.linkedin.com
r.turn.com
region1.google-analytics.com
s.amazon-adsystem.com
s.update.rubiconproject.com
s0.2mdn.net
sb.scorecardresearch.com
script.4dex.io
scripts.cleverwebserver.com
sdk.mrf.io
secure.adnxs.com
securepubads.g.doubleclick.net
sender.clevernt.com
ssp-sync.criteo.com
static.criteo.net
static.premiumads.com.br
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.navdmp.com
sync.smartadserver.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync2.navdmp.com
tag.navdmp.com
tags.bluekai.com
tags.premiumads.com.br
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
ui.cleverwebserver.com
unpkg.com
usr.navdmp.com
widget.perfectmarket.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
pagead2.googlesyndication.com
104.111.217.14
135.125.160.77
141.226.224.32
141.226.228.48
142.250.184.226
142.250.186.130
142.251.208.162
148.69.64.76
15.197.193.217
151.101.130.207
151.101.194.207
151.101.65.44
151.101.66.49
170.82.174.15
178.250.0.157
18.185.180.247
18.203.130.15
185.64.190.78
185.80.39.216
185.86.139.115
185.86.139.96
185.89.210.101
185.89.210.122
2.18.232.7
2.18.233.201
2.18.68.187
2.18.69.48
20.234.93.27
20.62.48.180
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
2001:678:cb4:bbbb::11
212.82.100.182
213.19.147.45
23.64.52.128
2600:9000:206e:4a00:15:6513:6d40:21
2602:803:c004:200::140
2602:803:c004:200::154
2606:4700:10::6814:e180
2606:4700:20::681a:9a9
2606:4700:20::681a:f79
2606:4700::6810:7daf
2606:4700::6810:cf3
2606:4700::6812:19f6
2606:4700::6812:372
2606:4700:e0::ac40:6c22
2620:1ec:21::14
2620:1ec:4f:1::44
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
2a00:1450:400d:803::200e
2a00:1450:400d:806::2001
2a00:1450:400d:806::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2003
2a02:2638::1c
2a02:2638::24
2a02:2638::3
2a02:2638::42
2a04:4e42:400::300
2a05:d018:d29:3605:c47f:b3fe:c8ab:fb9b
34.249.78.36
34.98.67.61
35.157.209.111
35.157.246.167
35.186.194.101
35.190.0.66
37.157.4.23
37.157.6.233
46.4.112.233
5.226.179.19
51.89.9.252
52.17.115.124
52.46.155.104
52.49.185.121
52.94.223.37
54.73.139.57
54.76.69.248
54.93.225.243
69.173.144.138
69.173.144.165
76.223.111.18
96.16.132.239
99.86.4.32
0149da2dcca03d3a4c8ab3e8796ec25b4700f46d2a1bec1c59cdb2f6daa7cf98
0324285c6b1f4553be30ae185ec958ae99309f1a7a3865a8edf6ffbb6df10e1f
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
054be264e91be8c5ef20fa5530b04ff87ad37e4d2b5f751061933c58b3fd6172
06fb44187ece062fdd6007f696b51a66e199163b2a86af9788b5cd4809ae7af8
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09f4ae5e27a58d2b26f5bbccb16cca8cc613a438cbddb8f74e391837a2b3cf1d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e2f0c9cbccdda0a00dd3941ac94e2ccb284028f1c27ce69a4630ea815f3efb9
10448ad99ad3f9dc0626df18f1bcf7c64e71f7d0aa66d070304d47fe350d242d
11cef47a5d76dc0eddca842f7b25b92f2758ee41755286394bc47ecd8c09f107
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
128d2cf69ce3669c10edf58d4e8049b363f7f857e9a0608769ab83e0d5ea33bc
136884539021575d67f7342e2996b06ac73a1a1f0b69254e53f70d11662f3bbc
14514b76463d056766a187bf54059acaf1ff05146169cc33998d286dc58a2cb5
150431c4e70ae805fba43a94f1b154417be47c26d7f3ca60a7e1a0ab7b50ba80
1827183ce5096d3153438efe0add7a564624d4b56ccab18f07e8db2dbe0fa51f
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18f4f9776d8caa9605e6a5aa8bff3546284bfd60d03963038dd32498499ca45f
19d4fa5e5f7164cfa51ca5e06216f551c4905d14ee02301a5ad2bb70272b7a3e
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1b21c2d2fad97069ea01dc2c47711d13342896eed4debf09e950cc2ac02f7898
1c6c9d8548d627e7686b7181eefb0e8939df4aa139f5d9cebecbf0ba8f0ccb36
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1d72f5138995e2e23818bcb586b4e1a9a2fef742e062c81f114ac67b6719e23f
1d7ae248d97d35e8cfc7398c3257d8524207e7e3ad0f8c4b10f8721f93fbda5c
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
2059e4fcd9e09182dfb482c6c8985d9b26939c63986290dd136bf85b9117761d
21bdac7561ae9a0316f34be946336cae36932ea757182e711839d6c26d54c67f
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
230fca95e5ec8529298e60e4840e6af672672d0c3ec4c3e2026ee2bbbaa77e6e
233b9d6376601268b84443914ba9c3a6123a06916372270e011acfed1f2cf852
238fd7ab0dd5fa0280ec9d686e10970d2466e89133314acbd01bc3d98dda7bf9
2503393789616a9f6c78898ffb237c424895227bddf1b3687d667b64e83d4fca
250bca73bd728f38f228ac7edccf2ecb8e822c1c01866faccb372593a756cf71
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
2609d2941b88e186cb2214b99eaff1a01cde5a573039afb2bb8268bea7660ebc
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
2965fadd418cc11b273221a6353c2ca21925254185816b974559e271de9549e3
2a71804e22166e4f78ac7b8a179bbef5828f5c1c5cd39d998e0670f277f84ebd
2b5363ebdd65a26a6bda0b8abc85048ce1ea6259e3a2b6e59ad6cb2984b01334
2b8aa5824cd6fc4c4ade331047b9cd5c7651dd26be9b2551bb3817fe019800bd
2c8ea603653d9a56e2f3325e359e1967d46ee2ecac8add37eb3958ac73ed079e
2fd1fd68a5510ed26f9ff18454ae1938af92d6b55c6b415514bbe6a3ab789356
3042250e6e9ece43bc139bb6a515d7e75012e511f655015d64798a84e8e1cf0c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3238f7245bfd8b76ecab5ba2dc75f683b5c1a8e342e30db6bf79656fb5dc673b
327864cd7fa368892a997d3a22556cdcef9fc80814f24c24c1cfa1f9cf800ed9
3361e91435c8d8a10b7ba8e447fdb9e8cf94681182d2ce70a59dd3fb56dfca5d
376c3c3bb9c16b414adea731f90dfe7e39f849f7c6f5de26f28c592fcf2aa950
38fc116785ae25f52631e992255d5c67cc26dc621e998e6301b9b66ad48435e2
3940c990ba192e1435272555be46f92e1a0639bf7a79094fb0a2b78c5055a655
39e028b554aea065c123567a5d0136200db7f42e7b78ea1ae244b9d8e70185ea
3c2edb04860935540c2d7a81e340a8c4f6933623721a2290b482257cc4a49872
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dac0f22f981a1e8828e9516833b3ac6fe985cf1852033b0f153c9cb8694d3a5
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f78db732fd67cee6fbe4b219ebfec4f4ddefa9d83080fe6019a291071609f33
3fdda19578136f4a3cb0b2286a601fbbb4228666504ede1a365830a182b1e904
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60
4317cf568ce364f433b3d3654bd15634c4e32ab44c4691b3ae41bbde15ae2b7d
44785beca13e118ddd542af15e05c9464aad937564cc8bb57d666580376dec29
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b7b61d4a719998ac12bf2e12279a9175c971e617eb6544766cf8c5f0369459
4829ca9e6ed3a3620fe05f1cc9ac86c6bba79da2f2a67e98b81dae9fd05fd806
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4917de17d867bc35fa51ba7f9963c3e1786a6320c62f603b9fe1b11ebca9c594
4989bc93c351231cf57c606028d58c3c35ec23a469cfe4475195db035df17fd0
49e3b440aac254f624d681b9096f341d0b8b55f519654125872f9e1a287f8877
49fa8f18013b0422147f433164e8f53fcab977716a70175a134176060616bd12
4a88d6816b0921f68c81166f231aac459941bbde4376724a4f5c2c2d7f7275a2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7695e314e153f48d34c2b4a03f7bbc9615ee68a73828a7be1baff788939241
4cb64cde3e3845ab96b5d720be38f4d0395f778da33403871abfdabe64bac11a
4dc1ff3b77f0146e967c433c5fe7e039f607af8c487a92015389629331c1d775
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e2046d98598eb3d15933fe759244180923a6a97926ba2a4ae0497c3eaf1af5
51eb4811df12afcda583ac8f5e55a7f3882c1e4eeefba9e5f45b4a179693073c
52a29b757bfaf927dcb60fc3ed65d05560152bdc2b12227e5c53344237d1bed3
537c27f5390787f389c5e0600f22458a8a3ca65dc43d27ec4c465b851553c595
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53cb63726a0b21ca199891a569d46bf700bee8f9afd9c377570dfcf5c0e2cdb6
54dff538ad0bf2c70e55939473ab7d709bfa5af7518cffc7d9262e10d5b38b81
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56828800a4a575d3b1940a854640ad25c3c93a7d3933ab96150ef48788d637d0
57e4f09712f9ca05fdc60d34ef9308ffc80a592d3fb4035decd71080fa23d1b2
590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b
5b803dc09fc8c3effd748d8703593402e5e9e0d4f4b5e07deb28979aa856fb60
5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6256d639de09c364164ea15a0c57669ceaa574ffa0d129950dc2fb19f3bd1665
62c5f695770b1949c73438e22336075f2c8ee0da9fb98b54b4350749ecb6bbd8
635db4552eb1469b2e327a3eb840eafb50933695f995f7a682afe380d96d551e
6366bfede901f183b516c7361e3dd409ec31355afc6b0f48d152fd5a1cae5a4d
63bc5373259840156ae93ba26b9df0dd2f97ce98ebb3fdb970699cd718a23230
6488f8d65f083b01f1e48a9556f281d089ead8a19165af3cb7d7343170e4ccdb
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67d7eb6805d29f099e89378123cfcf4f377d45ee2d660fffed82a5c1e3e1dbc5
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc5972ea91a58e3ba92b9dec362a2fa419e8e85bead975a4804ae5d03f89784
6c3454b7d7950ad36eb92e3804c320a79054cb9cb028b4a3949c55c68aa8b393
6dc0e3aead945b6160bc87da5f4d8fbb043dde5d0bece2aa426fa01895c9e358
6dc54b59d9676995b295651619a40959edfd2e18ef49e89e4c0a569066c1405d
6efc1eb06ba493d312c04abc0419ef0e4d5d908b0ebbb26c674fbdf755613392
70c825f3dd4d1f91d45f4cac979ab017acc42e82a8bc4644699e6eadff0400fe
71fe56acc74530aa862d158b7ccefa3975ec837edcc17c6b1fe35a0b9fbbe5fb
72693af653139ede0baa62dae577ded6a9012fe8ecffe91d101ec6c7b29686fb
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
73e9d35950d4804c128bb6ff550bd80a0e3933ed54803029602cf3897a18b219
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
74579a8b4fe27aa309796dcc0cfb3a592762a369cfa3c807ab7b6e7e60f1f891
74bb549f0ebefbd7dd43ec069e9a11bf9dc4e26b82c56806f322dbb6ed83cd19
74f09b520d816083c87e4bf2da75b1ef4aabb3dfa7d703b5b984fb45bd337d0b
750f9e12cd51e2b22b844f73a41951aba4f0662eebaa9bf700f2a27b3baa847b
757a9daa63650138fd902f15b33dfa3ae7ea0a4c2c8aadd405c7c09f5c6af7df
7873ce5ab0103f258bb40a7ee4ec613aba529fe58782303a4b1a92f22822bd64
794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb
7a9c491b50bba720218e34460861af80230634424a8492598b0561802d73b3c0
7b3e1381a618c7a746ec787409d36256763a1a9e57489daea865e7726ff506cc
7f74700b630dde94575ecd79caf73b5da2d467144998b1f1a8713a3bdbd50a5e
802fab38b64f358bdea22f4e018f75b4a12f29817f100c29dbd6293c589fd4a3
80496376a8e910404b0ab27df0029540609149b3e5c14cc63f6b1b55e5860a52
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82ef200ece01e84b0387a394dd784b93e1a677f8b2efed9d6b79f61d3084121a
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
858b7e47a783d1721e38de9e2dae5410acd19cde6338b5b4be1761bc64159408
85cc4c652afbaa94b1444817fe16c3c4f84c9f1ad8615044fc20337d8f3c3b36
869c671beb0b128c008179a0e3fcddbfa62cfe83351672d1142b1d734858bc33
86bcd335eb476f5e6caf27b16532055d27e9737dcc397fc001df967fe1eede71
86d85c2fb6c3aef61be2e092f1a809839065e73f948db805ad92eb5eaea8fac8
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
897a61f461e2da1c232ce838911e080848f1454071e4e1fea731055df1b03f86
89e58d6d9131d8aeb28df9336451c07dc343fcb995dd11c7a23ff10aea72ef4c
8abb6bf1017c9508b256a3bc46cfdccc62eaf38ceee24d8ee7ce7abc849e4227
8c7fef804a151e6a23eae3ab777abf179634e8c7c0c82db022d918aaa1b38fba
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d87c94e16d348ce707d90ddfcea28aad7d4155438d0e0e16325c874a34a335e
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8ed2b91eda7c0499b97a33861806d0ed9b4d1837445d2419bfdb01148e9fb86a
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
907c2f2d71abe95d47608a82115aff982af9126b9b9f16f23d0894a741c0c765
92cffc96d80411d52866dd5ff62630ae8a1dad1cb4bd1b95c7d0e72b95aa2afd
94ab2ec362af8a7306489ad3c356b5f3724b28cdf6fcd22c635d16e0dc89dbc8
964565e96eba3653f3f34e6cab49ebb69a7e628e6f376d0b3995048e60d4c264
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98af5e2d044165db4fe04e7a288c125ad78d50bd9e212ca6e520e5a55140e869
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a911782a9d1a53c1c90b440beed750584f83620bef4d1c97de328a8fa472b47
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d7050d1a83f4486e16b8be414a47d260be19b5ad39ff4e042fbe180cb25e4ae
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff5526fbe195ceaf4c14ad2a2adb2ebb1428fc3fade5a2bccc9a00a14bb24d8
a01536a4e78676d34742f3d6a8718fd8604dc9c0f4569cbc5a38c1e66d774cf5
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e1b81ee14a9c3432248f962ca11f3d939f6066c4eafb15a61680e7b406aa18
a0f0ea3e215b4b386598ab9239710170bf60644e4c840b348037cca288cf89af
a1698d66dedcd2a3c29e9a57a06d1a525caf331e3a757ed8f4ce8464c14766e9
a1d6e8daddba62809bcd91dcf7b3109469da7129bb81033b9d1899f232770168
a3ff3c56ac7cdb7c92f31da7cab1d0149087566c5bd7bf4674ce639f64998502
a40146d9fdca59d47bc679f5b01503ad5d5630bdba25a60b1c544d233f64b5c9
a4503362cad5e457e4e26453273c26cfdaca7aa25f8a76f5508746b94046b3f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c012f52a79847e00cc1e8f8538fbd3a2237d06c78d56351a4fd844ee296279
a813062a7f0437a92984ea3a39feec5b7f070309be4765804739bb6917ecc6db
a8354377842b642d431956bd66b9399c3084768ae66002d80be5528c559e4eec
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa775b93bf75fb6c93c261cad367ba79069a1536e6139213af0b65cfccd43b51
abf535d4735df96355294590ac4e53ee2fa9f58e13b222e6ee067152eea56c62
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae040633d0b8edba169cc3ffb349bf0c6196574ff717b4bbf4b8cf850deec002
ae821393730d4f47ed22922fdc5f36319c2c66f2d9396da23dfe76771376fa18
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b02160bfac2ae893c79e5550af05a89cab4abfdf3a410f88245f2da7faa200a4
b1350a0e4f8b6c22b6e7938ad9d13a7ec5cb3091823c0fcea09e757ef1695645
b136c61bf36c1dc4e5d5bcd88dc24126c1b0eb00056d6a768d76ade0062855fd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4a85e97882de120942a728bbf95854c74176feb55c8e8c278a93d325d1ae82e
b5ec2a4d1861890e777618cb339db16300cba327389383ea485ae69ec748b619
b8683d861b8449eaa346c46cfa609c2142c0e505e41615aee70096c6e31e919e
b8f4ef9a5c5344789257208f59dc09c4cc35927a30aff3f98a6f4c952ebbae8c
b9fa61bfa43c8235f98a6c719d621464cf8548d33e3c1b104f10e57dd2d5bb2c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc593e8aef8bec3076d8f4d76e66461b61d8b0c5cf5a52ef51d6c904d7d5a385
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
bcd71666ea63d4a00969b970c9cdba3cd15b06b53bc84e96df351324c6cd6c5e
bcf719cd6c1893ef28246de19a56d2e900e3d3d64db739f2e8710fd0a002ce51
be5dac88f846981a45b8194fedaa0d03459211bcca1bf28a7fc43e0bbb2aea00
be8adcc762245304909182b11d4843e2481d502a9394fdb85a3cfa7f9b48e670
bef8bdbb8b093f76cc792141c0c68137a54e9d399ca334f6c788c4b65abf2a76
c0e9a6b1f9e8f8a90c7435c24b83a489dd2c42e37ddc27abec411dd3df63a5d9
c1f3d9e7f727bd94ce12e12449c6487fa89deb751c563b14106903a0db9492e5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c37e5682407d07e7974304b5334721abfcaaf80533aa565ee3a2f66de1f6676f
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
c69727d0f46ea06b45f9f22564fe520a7eb84963204ca03612c00cdfb461347a
c7c82034d05942708d9b34d82fb3199b70e0faad83e609ee549db028314acb48
c80196cf0e91f54b3344d2552774499268d7ecb47d352097198da0401d6db93e
ca30f19d8b9001d94e3979213ccf6ac5f8e185368f667e8105df60d0afed8845
cb628952d6bc075ff694798d2a8dcaf7c1917a933cccc195810db8af2d39f21a
cb7903f120120ae732a7bf2fb5349ddbe1c162b3b76381aeff30b73131ab86e0
cb94f1c204fa2565272d86498ff3d5d08f778807852a6f61a187b924c025b052
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd67d3ef1a4202a1c67fe1c79bab8338c13d5df2bce075a40fedc3bdd930518b
cda9e405d476907b07df5ba2daf29f6d9f802bc7df20e3c9a1295c601e210406
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0eccb46386f3477525740decb6c4e29ec38ad2feaebfaf29493f807ddbd6785
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c
d3d95a0eef9f16b9fe8ae5513cc3d6e42c7e26b124779acc43296d953f2f2f3a
d52c4ecae22296f543f5cdf8798f5ca867a1a22533bdedf5a9effe627e8ac5c1
d54ee5bc808b7614257c4430045c5133792eeb5c62771a3ff26334e1c54a707d
d57ea859a372d1ae3c6b6072b657983d6ca369d1430feb301c8c8aad30ece0ba
d7534b85b050963115a9f1ae415c2ca510316892cee81d03c5440e0eb3f9b6c4
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d8d4b2ee7a4c72c4a133b054f4664754d6a167768520f10eb695d4bff99af79f
d95d3b264412224586015eddfec5643b196373737c9f2acfdcfa8f866987f099
d9736ecc3d0b02292cbcc412ccde89edccaa563cf91cb2e4c93e20ef91bfb2e6
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
dce621e9142720f2b43df8ed34f13b4888617265140412ec9231cd4001fd744d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3876c55c0fe527bea47b37cfe3479040325194f3df7d2b077794ef6d584470
e029dcfc7d26d3deecd535e2d64defbd26fcc965b39edc669415a2bd89e34532
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e0a56803d6a521a780dfbf099724d443c36c93de37029e6729b12d602cc583d6
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2897f072ab49817b55117d5814ee2ecfa2e1d08c6eb704c6ba5a6a7ccade055
e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e343b603386eb4c1ca373907270e3e1d44af2e0af2255abf0f5e89528c675af2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e412890822de8bad80ce9fad9b7a9f735b00777bdabdca8c2ce141a922cb7641
e5ead7d81c88dd34a6927fbe7a680fb0dfa76b3d7c3307632da7256f4b4f1839
e6186898d3adab025723d21c7811706eae76408cf704a00aef1241f2287cad08
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e6ae2d279bfef2ba78509baf464d2f725aa12acde5cd0df6d8bae0ca86a7f6d4
e6af27034814713cdcefafc1a3a40467202fecb8e04f32bbf067d51d139b8419
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e7e65f5432de604cdf476d9ad55a2af5a933c715c639e4c36847023a3446f1ec
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb4356c259e87e804c2f603d7ea4ca9aab04a7ab28f25d320a98d1b12d43568f
eb50a18b227110f8e6a6bcda9b4765a4fe392f8a56807da6c36ce11ef96bef04
ec412c4a31f9b4110f2b32c733be5292e43c0460373b1e3e61b9241679f730e4
ec6d0575130f58a6b63f1fd6654c1487aae416032a3d9e517e1ee42c4cad2ccc
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb55a249cb7fe14833f29b537a601de5d62495a81501fdf5889a8fa160d15fe
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f099ab2b067e69ce7aec7316818cd1847e4bf80ecc9b3efa0cc9b4fa3d1e88d5
f1538fb1d271d15c842a46eff6e08f8fa83679543260bc36670a33da3170fe21
f3cd5c20a3884bd7cda8eb950adeba86736e8cbf6ae2fa7f84ece1ced383445c
f3f47120adc3630d0df29449d4cf2fd3bde9022d98c882f8cc342902039c0cdd
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5baa4d60470a8a53017733f8489c66411d0b65af7883d73c22ac1c949478c35
f6cdf488e01c52018c72e669f38948ef1b3f44463428e6f2fd87c1d77ca77c05
f6dfa2c04db388863830532cfdb8853889002cf88d189761188b33a90f9e56fa
f73690dd3b92b464bc80bff96fac53bcf7dc053b1cccc95aa894b1b3af82c7b7
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f78b7c22a682654ff65da1cb8b038dd1a5ba173ecc7cab15f54da8e01696f2bf
f7fa07dc1641fa98687abb1cac64ca10ef98f69568be378d612397460b7ca24b
f92720e61715901ec68eeaaa92f3148a175054370df656992613b05b51520bb5
fd4b39c5826c4be19da1d80687c15c2ae61eeb4b82dc1a8930eeab511b2077cd
fe081a84ca6ae1db3a9694b552c5c07cb94958d6468e9a61b58c85366c3ff5bd
ff4a391302ee0b5f813f3582d1f3e6fd54683ac0d9779ff3bcce076a0e1a593d